Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:58 p.m.10 views

CVE-2022-24187

The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...

7.5CVSS6.6AI score0.00745EPSS
Exploits1References1
Circl
Circl
added 2022/11/29 12:28 a.m.8 views

CVE-2022-24187

creationtimestamp| type| source ---|---|--- 2022-11-29 00:28:17+00:00| seen| https://t.me/cibsecurity/53604...

7.5CVSS7.3AI score0.00745EPSS
Exploits1References1
OSV
OSV
added 2022/11/28 10:15 p.m.3 views

CVE-2022-24187

The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...

7.5CVSS5.8AI score0.00745EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.7 views

CVE-2022-24187

The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...

7.5AI score0.00745EPSS
Exploits1References2
CVE
CVE
added 2022/11/28 12:0 a.m.65 views

CVE-2022-24187

CVE-2022-24187 affects Ourphoto App 1.4.1, specifically the /device/* endpoints. The root cause is insecure direct object references in which end-user identifiers (user_id and device_id) can be enumerated by incrementing/decrementing IDs, allowing attackers to discover other users’ email addresse...

7.5CVSS7.4AI score0.00745EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder