CVE-2026-42515

CVE-2026-42515 is an IDOR vulnerability in the e-Sushrut HMIS. Improper access control in resource access validation allows an authenticated attacker to manipulate a URL parameter in the API request to gain unauthorized access to patients’ sensitive information. The CVSS 4.0 base score is 7.1 (HI...

CVE-2026-28782 Craft has a Permission Bypass and IDOR in Duplicate Entry Action

Craft is a content management system CMS. Prior to 5.9.0-beta.1 and 4.17.0-beta.1, the "Duplicate" entry action does not properly verify if the user has permission to perform this action on the specific target elements. Even with only "View Entries" permission where the "Duplicate" action is...

CVE-2025-68979 WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

CVE-2025-63513

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference IDOR vulnerability in the appointment cancellation functionality...

CVE-2022-24385

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

Information disclosure

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

SmarterTools SmarterTrack 安全漏洞

SmarterTools SmarterTrack is a customer service software from SmarterTools UK. It improves customer service and reduces support costs. A security vulnerability exists in SmarterTools SmarterTrack 100.0.8019.14010 that originates from direct object access in SmarterTools SmarterTrack...

CVE-2022-24385

CVE-2022-24385 describes a Direct Object Access vulnerability in SmarterTools SmarterTrack, affecting version 100.0.8019.14010 and leading to information disclosure. The connected documents confirm the affected product and version, and indicate the underlying issue is direct object access, with p...

CVE-2022-24385

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

CVE-2019-18998

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly...

CVE-2019-18998

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly...

Omnidocs - Multiple Vulnerability

No description provided by source. -------------------------------------------------------------------- Exploit Title: Multiple Vulnerability in Omnidocs Date: 24 Sep 2011 Author: Sohil Garg Software Link: http://www.newgensoft.com/omnidocs.asp Version: All Tested on: Apache-Coyote/1.1 CVE :...

Omnidocs plurality of defect and repair-vulnerability warning-the black bar safety net

Title: Multiple Vulnerability in "Omnidocs" Author: Sohil Garg www.2cto.com Download address: Affected versions: All Test platform: Apache-Coyote/1.1 CVE : CVE-2 0 1 1-3 6 4 5 "Omnidocs" multiple defects PRODUCT DESCRIPTION: OmniDocs is an Enterprise Document Management EDM platform for creating,...

Omnidocs - Multiple Vulnerabilities

-------------------------------------------------------------------- Exploit Title: Multiple Vulnerability in "Omnidocs" Date: 24 Sep 2011 Author: Sohil Garg Software Link: http://www.newgensoft.com/omnidocs.asp Version: All Tested on: Apache-Coyote/1.1 CVE : CVE-2011-3645 �...

Omnidocs - Multiple Vulnerabilities

Omnidocs - Multiple Vulnerabilities -------------------------------------------------------------------- Exploit Title: Multiple Vulnerability in "Omnidocs" Date: 24 Sep 2011 Author: Sohil Garg Software Link: http://www.newgensoft.com/omnidocs.asp Version: All Tested on: Apache-Coyote/1.1 CVE :...

[CVE-2011-3645] Multiple vulnerability in &quot;Omnidocs&quot;

Hi All, I would like to inform about multiple vulnerability in NewGen's Omnidocs application. Exploit Title: Multiple Vulnerability in "Omnidocs" Author: Sohil Garg CVE : CVE-2011-3645 Product Description: OmniDocs is an Enterprise Document Management EDM platform for creating, capturing,...

Omnidocs Multiple Vulnerability

Exploit for jsp platform in category web applications -------------------------------------------------------------------- Exploit Title: Multiple Vulnerability in "Omnidocs" Date: 24 Sep 2011 Author: Sohil Garg Software Link: http://www.newgensoft.com/omnidocs.asp Version: All Tested on:...

Omnidocs Privilege Escalation / Direct Object Access

Exploit Title: Multiple Vulnerability in "Omnidocs" Author: Sohil Garg CVE : CVE-2011-3645 Product Description: OmniDocs is an Enterprise Document Management EDM platform for creating, capturing, managing, delivering and archiving large volumes of documents and contents. Also integrates seamlessl...