CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2026/05/29 10:34 p.m.•21 views

praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership

Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...

5.8AI score

OSV•added 2026/05/29 10:34 p.m.•8 views

GHSA-27P4-PJQV-WHGJ praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership

6.5CVSS5.8AI score

Github Security Blog•added 2026/05/29 10:5 p.m.•18 views

Admidio: IDOR in documents-files.php allows cross-folder file rename and description changes by unauthorized uploaders

Summary modules/documents-files.php mode filerenamesave shares the same root-cause shape as the cross-folder move bug 05-documents-cross-folder-move-idor.md: the top-level rights check at lines 79-89 validates hasUploadRight on the URL parameter folderuuid, but the rename operation acts on fileuu...

5.8AI score

GithubExploit•added 2026/05/29 9:52 p.m.•58 views

NileBank-Vulnerable-App

NileBank - Web Pen Testing Project A realistic bank web appli...

5.9AI score

Exploits0

RedhatCVE•added 2026/05/29 8:13 p.m.•10 views

CVE-2026-45297

OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, there is a cross-tenant IDOR on feature-flag and assist-stats routes via projectid case mismatch. ProjectAuthorizer.call OSS api/auth/authproject.py:14-38 and EE ee/api/auth/authproject.py:14-46 only runs...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References1

NVD•added 2026/05/29 7:16 a.m.•13 views

CVE-2026-9493

Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details...

7.1CVSS0.00043EPSS

Cvelist•added 2026/05/29 5:54 a.m.•33 views

CVE-2026-9493 BankPro E-Service Technology｜Service Center - Insecure Direct Object Reference

7.1CVSS0.00043EPSS

CVE•added 2026/05/29 5:54 a.m.•13 views

CVE-2026-9493

CVE-2026-9493 concerns BankPro E-Service Technology’s Service Center, which contains an Insecure Direct Object Reference vulnerability. Authenticated remote attackers can alter a parameter in a specific query function to access other users’ EC order details. The issue exposes sensitive confidenti...

Vulnrichment•added 2026/05/29 5:54 a.m.•9 views

CVE-2026-9493 BankPro E-Service Technology｜Service Center - Insecure Direct Object Reference

EUVD•added 2026/05/29 5:54 a.m.•11 views

EUVD-2026-33253

Positive Technologies•added 2026/05/29 12:0 a.m.•8 views

PT-2026-45065

Summary Type: Insecure Direct Object Reference. Five label endpoints — PATCH /workspaces/workspace id/labels/label id, DELETE .../labels/label id, POST .../issues/issue id/labels/label id, DELETE .../issues/issue id/labels/label id, GET .../issues/issue id/labels — gate access on require workspac...

7.6CVSS5.9AI score

Exploits0References3

Positive Technologies•added 2026/05/29 12:0 a.m.•6 views

PT-2026-45062

Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspace id/issues/issue id/activity endpoint is gated by require workspace memberworkspace id and dispatches to ActivityService.list for issueissue id, which executes SELECT FROM activity WHERE issue id = :issue id with no...

6.5CVSS5.8AI score

Exploits0References3

Positive Technologies•added 2026/05/29 12:0 a.m.•9 views

PT-2026-44753

ATTACKERKB•added 2026/05/28 8:47 p.m.•7 views

Exploits0References3

CVE-2026-45342

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authenticated user to modify resources owned by other users. The affected resource types are links, lists...

5.8AI score0.00043EPSS

CVE•added 2026/05/28 8:47 p.m.•10 views

CVE-2026-45342

LinkAce prior to version 2.5.6 is affected by an Insecure Direct Object Reference (IDOR) in the authorization policy layer. The root cause is in update() policy methods (LinkPolicy, LinkListPolicy, TagPolicy, NotePolicy) where access checks delegate to userCanAccessX(), which returns true for any...

EUVD•added 2026/05/28 8:47 p.m.•8 views

Exploits0References1

EUVD-2026-33056

NVD•added 2026/05/28 4:16 p.m.•9 views

Exploits0References1

CVE-2026-35671

phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API user password endpoint that allows authenticated administrators to change any user's password without authorization verification. An attacker with low-privilege admin credentials can escalate to...

8.8CVSS0.00044EPSS

Cvelist•added 2026/05/28 2:13 p.m.•28 views

CVE-2026-35671 phpMyFAQ - Insecure Direct Object Reference in User Password API

8.8CVSS0.00044EPSS

CVE•added 2026/05/28 2:13 p.m.•12 views

CVE-2026-35671

phpMyFAQ is affected by an insecure direct object reference (IDOR) in the admin API: overwrite-password allows changing any user’s password when the requester is an authenticated admin with USER_EDIT permission. The root causes cited are: (1) no verification that the requesting admin may modify t...

8.8CVSS5.8AI score0.00044EPSS