Vulnerabilities > Rangerstudio > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-19 | CVE-2019-13983 | Missing Authentication for Critical Function vulnerability in Rangerstudio Directus 7 API Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php. | 9.8 |
| 2018-05-05 | CVE-2018-10723 | Use of Hard-coded Credentials vulnerability in Rangerstudio Directus 6.4.9 Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql. | 9.8 |