📦 Romm

RomM (ROM Manager) versions before 4.4.1 contain multiple unrestricted file upload vulnerabilities that allow authenticated users to upload malicious SVG or HTML files. When accessed, these files exec...

This vulnerability in RomM (ROM Manager) allows authenticated users to access private game collections belonging to other users by directly querying collection IDs via API. The system fails to verify ...

This vulnerability allows authenticated users in RomM (ROM Manager) to delete collections belonging to other users by sending a DELETE request to the collection endpoint without proper ownership verif...