CVE-2024-52511

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-639
View all →

Vulnerability Description

Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0.

Related Vulnerabilities

CVE-2017-0882

MEDIUM
CVSS:6.3(Medium)

Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on Marc...

CWE-6392017

CVE-2021-3852

MEDIUM
CVSS:6.3(Medium)

growi is vulnerable to Authorization Bypass Through User-Controlled Key

CWE-6392021

CVE-2022-23173

MEDIUM
CVSS:6.3(Medium)

this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the funct...

CWE-6392022

CVE-2023-1463

MEDIUM
CVSS:6.3(Medium)

Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.

CWE-6392023

CVE-2024-11146

MEDIUM
CVSS:6.3(Medium)

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is ...

CWE-6392024

CVE-2024-33373

MEDIUM
CVSS:6.3(Medium)

An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to a...

CWE-6392024