651 matches found
CVE-2014-2332
CheckMK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Design/Logic Flaw
CheckMK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
CVE-2014-2332
CVE-2014-2332 affects Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5. The issue, tied to insecure direct object references, allows remote authenticated users to delete arbitrary files via a request to an unspecified link. The related advisory notes that exploitation can be facilitated by CVE-2...
Helpdesk Pro by Ossolution Team [com_helpdeskpro], before 1.4.0, multiple vulns
Helpdesk Pro by Ossolution Team [com_helpdeskpro], before 1.4.0, multiple vulns. Vulnerabilities: Direct Object References, Cross-Site Scripting, SQL Injection, Local file disclosure/Path traversal, File Upload. Fixed: vulnerability fixed in version 1.4.0. Developer's notice:...
Joomla Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities
Joomla Helpdesk Pro versions prior to 1.4.0 suffer from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities. Document Title: Joomla! plugin Helpdesk Pro 1.4.0. Reported By: Simon Rawet...
[Responsible disclosure] How I could have hacked 62.5 million Zomato Users
Note: This is being published with the permission of Zomato Team. The vulnerability is now fixed. Zomato is an online restaurant search and discovery service providing information on home delivery, dining-out, cafés and nightlife for various cities of India and 21 other countries. It has 62.5...
CVE-2014-8487: Kony EMM insecurity Direct Object Reference
Product: Enterprise Mobile Management; Vendor: Kony; Vulnerable Versions: Kony EMM 1.2 and probably older versions; Tested Version: Drupal Kony EMM 1.2; Advisory Publication: 24 December 2014; Vendor Notification: 8 December 2014...
Kony EMM 1.2 Insecure Direct Object Reference
Product: Enterprise Mobile Management; Vendor: Kony; Vulnerable Versions: Kony EMM 1.2 and probably older versions; Tested Version: Drupal Kony EMM 1.2; Advisory Publication: 24 December 2014; Vendor Notification: 8 December 2014...
Fork CMS Local File Inclusion
Fork-CMS Local File Inclusion. Author: Rafay Baloch. Introduction: Local file inclusion vulnerability occurs when the include function is not sanitized properly. LFI is classified under OWASP Top10 under "A4 Insecure Dire...