CVE-2023-33706

SysAid before 23.2.15 allows Indirect Object Reference IDOR attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp...

CVE-2021-33706

Due to improper input validation in InfraBox, logs can be modified by an authenticated user...

CVE-2023-33706

SysAid before 23.2.15 allows Indirect Object Reference IDOR attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp...

CVE-2023-33706

SysAid CVE-2023-33706 affects SysAid before 23.2.15. The issue is an Indirect Object Reference (IDOR) allowing reading of ticket data by modifying sid to EmailHtmlSourceIframe.jsp or srID to ShowMessage.jsp. Affected component paths and parameters are explicitly named in connected sources. Impact...

CVE-2022-33706

Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture...

CVE-2022-33706

Summary: CVE-2022-33706 affects Samsung Gallery prior to 13.1.05.8. The issue is an improper access control/vulnerability in Gallery, arising from faulty access validation logic, which could allow a physical attacker to access user pictures via the S Pen air gesture. Affected software: Samsung Ga...

CVE-2021-33706

CVE-2021-33706 affects SAP InfraBox, a cloud-native CI system. The vulnerability arises from improper input validation in InfraBox, allowing an authenticated user to modify logs. The available sources consistently describe the impact as an integrity risk to log data, with exploitation limited to ...