API - CVE CyberSecurity Database News (Page 268)

Sep 15, 2023 API Exploit strapi

CVE-2023-37263 - Strapi Relationship Field Permission Bypass Exploit Explained

CVE-2023-37263 is a security vulnerability found in Strapi, a popular open-source headless content management system (CMS). The bug affects all Strapi versions below 4.12.

Sep 15, 2023 API SQL Cloudroits

CVE-2023-40956 - SQL Injection in Cloudroits Website Job Search v15. — Details, Exploit, and Analysis

A serious SQL injection vulnerability, CVE-2023-40956, was recently discovered in Cloudroits Website Job Search v15.. This flaw lets a remote, authenticated attacker run arbitrary SQL

CVE-2023-38205 - Breaking Down the Adobe ColdFusion Security Feature Bypass

Sep 14, 2023 API Exploit Adobe ColdFusion

CVE-2023-38205 - Breaking Down the Adobe ColdFusion Security Feature Bypass

In June 2023, a serious security flaw was discovered in Adobe ColdFusion. This weakness, tracked as CVE-2023-38205, allows hackers to bypass security controls and access

Sep 13, 2023 API Exploit Skyhigh Security Skyhigh Secure Web Gateway (SWG)

CVE-2023-4400: Unmasking Skyhigh Secure Web Gateway's Password Management Vulnerability

A crucial password management vulnerability (CVE-2023-4400) has been discovered in Skyhigh Secure Web Gateway (SWG), specifically in its main releases 11.x before 11.2.

Sep 13, 2023 WordPress API Exploit vaultdweller Leyka

CVE-2023-4917 - Sensitive Information Exposure in Leyka WordPress Plugin—How Subscribers Can Steal Your Payment Secrets

A significant information disclosure vulnerability has been discovered in the Leyka plugin for WordPress, tracked as CVE-2023-4917. This flaw affects versions up to and including