Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:58 p.m.7 views

CVE-2022-24189

The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...

6.5CVSS6.6AI score0.00507EPSS
Exploits1References1
Circl
Circl
added 2022/11/29 12:28 a.m.4 views

CVE-2022-24189

creationtimestamp| type| source ---|---|--- 2022-11-29 00:28:28+00:00| seen| https://t.me/cibsecurity/53612...

6.5CVSS6.3AI score0.00507EPSS
Exploits1References1
OSV
OSV
added 2022/11/28 10:15 p.m.3 views

CVE-2022-24189

The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...

6.5CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.7 views

CVE-2022-24189

The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...

6.4AI score0.00507EPSS
Exploits1References1
CVE
CVE
added 2022/11/28 12:0 a.m.53 views

CVE-2022-24189

CVE-2022-24189 affects the Ourphoto App v1.4.1, where the user_token authorization header on /apiv1/* endpoints is not implemented correctly. Removing the header value causes all requests to succeed, bypassing authorization and session management, enabling an attacker to make POST API calls using...

6.5CVSS6.3AI score0.00507EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder