CVE-2019-1000011


Security Bulletins

Latest Malware Updates

02/04/2019

CVE-2019-1000011

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.

References: 



Security Advisories Database

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

An attacker can perform a denial of service attack.

01/30/2015

An attacker can perform a denial of service attack.

01/30/2015

An attacker can perform a denial of service attack.

01/30/2015

An attacker can perform a denial of service attack.

01/29/2015

An attacker can perform a denial of service attack.

01/20/2015



Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *