
3454 matches found

CNNVD
added 2022/02/23 12:0 a.m. · 1 view

Dolibarr Access Control Error Vulnerability

Dolibarr is a software application. A modern software package that helps manage your organization's activities. A security vulnerability exists in Dolibarr that stems from incorrect access control (IDOR)...

6.5 CVSS · 5.8 AI score · 0.00996 EPSS
Exploits 1 · References 4

ATTACKERKB
added 2022/02/22 3:29 p.m. · 6 views

CVE-2022-0732

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability...

7.5 CVSS · 5.5 AI score · 0.0247 EPSS
Exploits 0 · References 5

Github Security Blog
added 2022/02/21 12:0 a.m. · 22 views

Business Logic Errors in microweber

Microweber prior to 1.2.11 can suffer from insecure direct object references. A malicious actor can remove items from a victim's cart...

9.4 CVSS · 3.7 AI score · 0.00911 EPSS
Exploits 1 · References 4 · Affected Software 1

OSV
added 2022/02/19 4:15 a.m. · 3 views

CVE-2022-24979

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR),...

5.3 CVSS · 5.8 AI score · 0.00747 EPSS
Exploits 0 · References 2

NVD
added 2022/02/19 4:15 a.m. · 22 views

CVE-2022-24979

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR),...

5.3 CVSS · 0.00747 EPSS
Exploits 0 · References 2

NVD
added 2022/02/18 6:15 p.m. · 21 views

CVE-2022-25336

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced...

5.3 CVSS · 0.00696 EPSS
Exploits 0 · References 1

Prion
added 2022/02/18 6:15 p.m. · 10 views

Design/Logic Flaw

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced...

4.3 CVSS · 5.3 AI score · 0.00696 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/02/18 5:49 p.m. · 22 views

CVE-2022-25336

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced...

5.6 AI score · 0.00696 EPSS
Exploits 0 · References 1

CVE
added 2022/02/18 5:49 p.m. · 81 views

CVE-2022-25336

CVE-2022-25336 affects Ibexa DXP Ezpublish-kernel: versions 7.5.x before 7.5.26 and 1.3.x before 1.3.12. The issue is an Insecure Direct Object Reference (IDOR) against image files because the image path and filename can be inferred, enabling access to potentially sensitive images. Connected sour...

5.3 CVSS · 5.3 AI score · 0.00696 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2022/02/18 12:0 a.m. · 3 views

Ibexa DXP Security Vulnerability

Ibexa DXP is a single technology stack digital experience platform from Ibexa Norway. It is used to help B2B companies transform their traditional sales strategy into a frictionless buying experience. A security vulnerability in Ibexa DXP ezsystems/ezpublish-kernel, which originated in version...

5.3 CVSS · 5.7 AI score · 0.00696 EPSS
Exploits 0 · References 3

Positive Technologies
added 2022/02/18 12:0 a.m. · 5 views

PT-2022-17219 · Ibexa +1 · Ibexa Dxp +1

Name of the Vulnerable Software and Affected Versions: Ibexa DXP ezsystems/ezpublish-kernel versions 7.5.x through 7.5.25; Ibexa DXP ezsystems/ezpublish-kernel versions 1.3.x through 1.3.11. Description: The issue allows Insecure Direct Object Reference (IDOR) attacks against image files because the...

5.3 CVSS · 5.3 AI score · 0.00696 EPSS
Exploits 0 · References 6

ATTACKERKB
added 2022/02/10 1:33 p.m. · 7 views

CVE-2022-29434

Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar = 4.9.0 at WordPress allows an attacker to edit or delete events...

6.3 CVSS · 5.7 AI score · 0.00658 EPSS
Exploits 0 · References 3 · Affected Software 1

OpenVAS
added 2022/02/10 12:0 a.m. · 22 views

Grafana IDOR Vulnerability (GHSA-63g3-9jq3-mccv)

Grafana is prone to an insecure direct object reference (IDOR) vulnerability on Grafana Teams APIs. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

4.3 CVSS · 6.3 AI score · 0.01185 EPSS
Exploits 0 · References 1

CNVD
added 2022/02/08 12:0 a.m. · 16 views

PrinterLogic Web Stack Insecure Direct Object Reference (IDOR) Vulnerability

PrinterLogic Web Stack (PrinterLogic Printer Installer) is a native web application from PrinterLogic USA, Inc. that enables the IT department to manage and automate the creation/propagation of printer objects and printer drivers across print environments from a single management console. PrinterLogic W...

7.5 CVSS · 2.2 AI score · 0.01408 EPSS
Exploits 1 · References 1

CNVD
added 2022/02/08 12:0 a.m. · 16 views

PrinterLogic Web Stack Insecure Direct Object Reference (IDOR) Vulnerability (CNVD-2022-11104)

PrinterLogic Web Stack (PrinterLogic Printer Installer) is a native web application from PrinterLogic, Inc. It enables the IT department to manage and automate the creation/dissemination of printer objects and printer drivers across print environments from a single management console. PrinterLogic...

9.1 CVSS · 3.8 AI score · 0.02093 EPSS
Exploits 1 · References 1

CNVD
added 2022/02/08 12:0 a.m. · 14 views

PrinterLogic Web Stack Insecure Direct Object Reference (IDOR) Vulnerability (CNVD-2022-11105)

PrinterLogic Web Stack (PrinterLogic Printer Installer) is a native web application from PrinterLogic, Inc. It enables the IT department to manage and automatically create/propagate printer objects and printer drivers across print environments from a single management console. PrinterLogic Web Stack...

7.5 CVSS · 1.9 AI score · 0.02093 EPSS
Exploits 1 · References 1

OSV
added 2022/02/02 6:15 p.m. · 2 views

CVE-2021-42641

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users...

7.5 CVSS · 5.7 AI score · 0.02093 EPSS
Exploits 1 · References 7

NVD
added 2022/02/02 6:15 p.m. · 11 views

CVE-2021-42640

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer...

9.1 CVSS · 0.02093 EPSS
Exploits 1 · References 7

NVD
added 2022/02/02 6:15 p.m. · 7 views

CVE-2021-42642

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer...

7.5 CVSS · 0.01408 EPSS
Exploits 1 · References 7

NVD
added 2022/02/02 6:15 p.m. · 10 views

CVE-2021-42641

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users...

7.5 CVSS · 0.02093 EPSS
Exploits 1 · References 7