NVD | added 2020/09/23 2:15 p.m. | 13 views

CVE-2020-16240

GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript Object Notation (JSON) format by users who should not have access to such functionality. An attacker can download sensitive data related to...

CVSS 5.3 | EPSS 0.00898 | Exploits 0 | References 1

OSV | added 2020/09/23 2:15 p.m. | 2 views

CVE-2020-16244

GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data...

CVSS 7.2 | AI score 5.8 | EPSS 0.00652 | Exploits 0 | References 1

Prion | added 2020/09/23 1:15 a.m. | 16 views

Input validation

A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

CVSS 4 | AI score 6.8 | EPSS 0.00934 | Exploits 0 | References 1 | Affected Software 1

Cvelist | added 2020/09/23 12:26 a.m. | 29 views

CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability

A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

CVSS 6.8 | AI score 6.8 | EPSS 0.00934 | Exploits 0 | References 1

Vulnrichment | added 2020/09/23 12:26 a.m. | 15 views

CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability

A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

CVSS 6.8 | AI score 7.2 | EPSS 0.00934 | Exploits 0 | References 1

CVE | added 2020/09/23 12:26 a.m. | 87 views

CVE-2019-16017

CVE-2019-16017 affects Cisco Unified CVP OAMP OpsConsole Server. The issue arises from insufficient input validation on specific OAMP pages, allowing an authenticated attacker to perform Insecure Direct Object Reference actions. Impact in documented details includes information disclosure beyond ...

CVSS 6.8 | AI score 6.8 | EPSS 0.00934 | Exploits 0 | References 1 | Affected Software 1

OSV | added 2020/09/18 3:15 p.m. | 3 views

CVE-2020-15958

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

CVSS 8.6 | AI score 7.3 | EPSS 0.02716 | Exploits 2 | References 4

Prion | added 2020/09/18 3:15 p.m. | 18 views

Design/Logic Flaw

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

CVSS 5 | AI score 8.3 | EPSS 0.02716 | Exploits 2 | References 4 | Affected Software 1

CVE | added 2020/09/18 2:32 p.m. | 58 views

CVE-2020-15958

CVE-2020-15958 affects 1CRM System up to version 8.6.7. It exposes an insecure direct object reference to internally stored files, enabling an unauthenticated remote attacker to access sensitive information via a predictable URL. The advisory in PacketStorm (ARA-2020-005) cites CVSS v3 score 8.6 ...

CVSS 8.6 | AI score 8.2 | EPSS 0.02716 | Exploits 2 | References 4 | Affected Software 1

Cvelist | added 2020/09/18 2:32 p.m. | 26 views

CVE-2020-15958

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

AI score 8.4 | EPSS 0.02716 | Exploits 2 | References 4

Packet Storm | added 2020/09/16 12:00 a.m. | 705 views

1CRM 8.6.7 Insecure Direct Object Reference

Security Advisory ARA-2020-005: Insecure Direct Object Reference (CVE-2020-15958). Affected Products and Environments. Product: 1CRM <= 8.6.7, confirmed for CRBM System ENT-8.6.5, CRBM System ENT-8.6.6 and Startup+ Edition 8.5.15. Environments: All host environments. Security Risk Severity: High. CVSS v3:...

AI score 8.8 | EPSS 0.02716 | Exploits 2

Hacker One | added 2020/09/06 2:56 p.m. | 74 views

New Relic: IDOR - User is able to download charts/dashboards from cross accounts

@k3ne described an issue where a user on an account could access data concerning dashboards for another user on the same account. While this appeared to be a cross-account access issue, both users on the account have access to the same data by design...

AI score 4.4 | Exploits 0

SonicWall | added 2020/08/25 7:30 p.m. | 2 views

Insecure Direct Object Reference vulnerability in the mysonicwall.com add-user API

An insecure direct object reference vulnerability has been identified in the users/add-user API endpoint of mysonicwall.com. This could allow a normal authenticated mysonicwall user to manipulate an API parameter and gain access to the user group of the tenant of any other mysonicwall user account. CVE: N/A...

CVSS 9.9 | AI score 7 | Exploits 0

0day.today | added 2020/08/06 12:00 a.m. | 175 views

Online Shopping Alphaware 1.0 Insecure Direct Object Reference Vulnerability

Exploit for PHP platform in category web applications. Exploit Title: Online Shopping Alphaware 1.0 - 'Summary' Insecure Direct Object Reference (Authenticated). Exploit Author: Edo Maland. Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html. Software Link:...

AI score 7.4 | Exploits 0

Tenable Nessus | added 2020/07/01 12:00 a.m. | 214 views

Telerik UI for ASP.NET AJAX RadAsyncUpload Multiple Vulnerabilities

According to its self-reported version number, the version of Telerik UI for ASP.NET AJAX is affected by multiple vulnerabilities in Telerik.Web.UI.dll: an insecure direct object reference vulnerability due to user input used directly by RadAsyncUpload without modification or validation...

CVSS 9.8 | AI score 10 | EPSS 0.83476 | Exploits 9 | References 5

Hacker One | added 2020/06/30 6:07 p.m. | 17 views

Lark Technologies: Messages disclosure via search feature of other users' groups (Cross-Tenant).

Due to an Insecure Direct Object Reference (IDOR) vulnerability identified within the message search function of Lark, an attacker could have potentially viewed messages, docs, and attachments shared in other users' groups. We thank @base64 for reporting this to our team and verifying the resolution...

AI score 2.5 | Exploits 0

NVD | added 2020/06/24 3:15 p.m. | 17 views

CVE-2020-13700

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass...

CVSS 7.5 | EPSS 0.12955 | Exploits 2 | References 3

Prion | added 2020/06/24 3:15 p.m. | 16 views

Cross site request forgery (csrf)

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass...

CVSS 5 | AI score 7.3 | EPSS 0.12955 | Exploits 2 | References 3 | Affected Software 1

Cvelist | added 2020/06/24 2:25 p.m. | 34 views

CVE-2020-13700

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass...

AI score 7.3 | EPSS 0.12955 | Exploits 2 | References 3

GitLab Advisory Database | added 2020/06/24 12:00 a.m. | 18 views

Information Exposure

An issue was discovered in the acf-to-rest-api plugin for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and password values...

CVSS 7.5 | AI score 2.1 | EPSS 0.12955 | Exploits 2 | References 1 | Affected Software 1