A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the api_base parameter when making requests to POST /chat/compl ...
Continue Reading
September 13, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_user_profile() f ...
Continue Reading
September 13, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 4.15.3. This is due ...
Continue Reading
September 13, 2024
Impact Incorrect Access Control, anyone using the post or verifyRequestSignature methods to handle messages is impacted. Patches Patched in version 4.0.3. Workarounds It's possible to check the p ...
Continue Reading
September 13, 2024
Impact Incorrect Access Control, anyone using the post or verifyRequestSignature methods to handle messages is impacted. Patches Patched in version 4.0.3. Workarounds It's possible to check the p ...
Continue Reading
September 13, 2024
whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false ...
Continue Reading
September 12, 2024
whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false ...
Continue Reading
September 12, 2024
whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false ...
Continue Reading
September 12, 2024
Back to Main
