📦 Placipy
by Prasklatechnology
🔍 What is Placipy?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
PlaciPy version 1.0.0 passes user-controlled query parameters directly into DynamoDB query/filter construction without validation or sanitization. This allows attackers to inject malicious queries tha...
This vulnerability allows attackers to bypass authorization in PlaciPy placement management systems by manipulating JWT claims. Attackers can escalate privileges to admin level without proper server-s...
PlaciPy placement management system version 1.0.0 allows cross-tenant data access by deriving tenant identifiers from user-provided email domains without validating domain ownership. This vulnerabilit...
PlaciPy placement management system version 1.0.0 has an authorization vulnerability where authenticated users can access other users' student submission data due to missing ownership checks. This aff...
PlaciPy placement management system version 1.0.0 has a missing object-level authorization vulnerability that allows authenticated users to access assessment results they shouldn't have permission to ...
This vulnerability in PlaciPy version 1.0.0 allows attackers to execute code evaluation outside of intended assessment windows due to missing lifecycle state validation. Educational institutions using...
PlaciPy placement management system version 1.0.0 uses a hard-coded default password for all newly created student accounts, enabling attackers to log in as any student once this password is discovere...
PlaciPy placement management system lacks CSRF protection while allowing credentialed CORS requests, enabling attackers to perform unauthorized actions on behalf of authenticated users. Educational in...
PlaciPy placement management system logs sensitive data to console output without redaction in version 1.0.0. This allows attackers with access to console logs to view confidential information. Educat...
This CVE describes a missing authorization vulnerability in PlaciPy placement management system. Authenticated users can access, modify, or delete any student record regardless of permissions, affecti...