Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24403 | 1 Magento | 1 Magento | 2020-11-12 | 4.0 MEDIUM | 2.7 LOW |
| Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API. | |||||
| CVE-2020-24404 | 1 Magento | 1 Magento | 2020-11-12 | 5.5 MEDIUM | 2.7 LOW |
| Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization. | |||||
| CVE-2018-20927 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 2.1 LOW | 3.8 LOW |
| cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). | |||||
| CVE-2014-6049 | 1 Phpmyfaq | 1 Phpmyfaq | 2018-10-23 | 5.5 MEDIUM | 2.7 LOW |
| phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter. | |||||