| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. |
| In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. |
| A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /control/adds.php. The manipulation of the argument name/gender/dob/email/mobile/address leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260276. |
| A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /control/addcase_stage.php. The manipulation of the argument cname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260275. |
| A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file /control/activate_case.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-260274 is the identifier assigned to this vulnerability. |
| A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue affects some unknown processing of the file /control/deactivate_case.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260273 was assigned to this vulnerability. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |
| The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond commit ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68
|
| Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. |
| In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. |
| In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. |
| In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. |