4 matches found
CVE-2026-27605
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the application allows uploading files project logos without validating the file type or content. It trusts the extension provided by the user...
CVE-2026-27603 Chartbrew: Unauthenticated Chart Filter Endpoint: POST /project/:project_id/chart/:chart_id/filter missing verifyToken + checkPermissions
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart filter endpoint POST /project/:projectid/chart/:chartid/filter is missing both verifyToken and checkPermissions middleware, allowing...
PT-2024-24052 · Unknown · Roamwifi R10
Name of the Vulnerable Software and Affected Versions: RoamWiFi R10 versions prior to 4.8.45 Description: The issue is related to active debug code, allowing a network-adjacent unauthenticated attacker with access to the device to perform unauthorized operations. Recommendations: For RoamWiFi R10...
CVE-2020-14191
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service DoS vulnerability in the MessageBundleResource within Atlassian Gadgets. The affected versions are before version 4.8.4...