5 matches found
CVE-2022-24187
The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...
CVE-2022-24187
creationtimestamp| type| source ---|---|--- 2022-11-29 00:28:17+00:00| seen| https://t.me/cibsecurity/53604...
CVE-2022-24187
The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...
CVE-2022-24187
The userid and deviceid on the Ourphoto App version 1.4.1 /device/ end-points both suffer from insecure direct object reference vulnerabilities. Other end-users userid and deviceid values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an...
CVE-2022-24187
CVE-2022-24187 affects Ourphoto App 1.4.1, specifically the /device/* endpoints. The root cause is insecure direct object references in which end-user identifiers (user_id and device_id) can be enumerated by incrementing/decrementing IDs, allowing attackers to discover other users’ email addresse...