Lunary 访问控制错误漏洞

lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary, which stems from improper access control in the /v1/templates/id/versions endpoint, and can be exploited by an attacker to modify any user's templates...

PT-2024-12198 · Enel X · Waybox Enel X

Name of the Vulnerable Software and Affected Versions: Waybox Enel X affected versions not specified Description: The Waybox Enel X web management application has a flaw that allows execution of arbitrary requests on the internal database via the /admin/versions.php endpoint. This issue affects...

Vimeo: Improper Authentication in Vimeo's API 'versions' endpoint.

The versions endpoint was exploitable by accounts that were not pro or business. Issue -- There was an authorization issue in versions endpoint, Which on exploiting could allow an attacker to leak private videos of pro/business users due to the fact version is only applicable for pro/business...