4442 matches found
CVE-2024-56404
CVE-2024-56404 – One Identity Identity Manager : Affects One Identity Identity Manager 9.x before 9.3 (On-Premise). The issue is an insecure direct object reference (IDOR) that enables privilege escalation. Reported CVSSv3.1 base score 9.9 (CRITICAL) with network attack vector, low attack complex...
CVE-2024-42169
HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data...
CVE-2024-42169
HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data...
CVE-2024-42169 HCL MyXalytics is affected by insecure direct object references
HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data...
CVE-2024-42169 HCL MyXalytics is affected by insecure direct object references
HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data...
CVE-2024-42169
CVE-2024-42169 affects HCL DRYiCE MyXalytics (MyXalytics) with an insecure direct object reference caused by missing access control checks. The CVE entry and multiple connected sources (NVD, CVE List, CIRCL, PT Security) consistently describe unauthorized access to data due to insufficient verifi...
HCL DRYiCE MyXalytics 安全漏洞
HCL DRYiCE MyXalytics is a unified reporting and dashboard product from HCL Corporation, USA. A security vulnerability exists in HCL DRYiCE MyXalytics that stems from vulnerability to insecure direct object references...
Insecure Direct Object Reference (IDOR)
Khoj is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to the improper implementation of access controls in the updatesubscription endpoint, where the system fails to enforce authorization checks to ensure that only the owner of a subscription can modify it, allowin...
WordPress WP Job Portal plugin <= 2.2.5- Authenticated (Subscriber+) Insecure Direct Object Reference vulnerability
WordPress WP Job Portal plugin = 2.2.5- Authenticated Subscriber+ Insecure Direct Object Reference vulnerability discovered by Apostolos Sakellariou in WordPress Plugin WP Job Portal versions = 2.2.5...
CVE-2024-12131
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12131
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12131 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.5- Authenticated (Subscriber+) Insecure Direct Object Reference
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12131 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.5- Authenticated (Subscriber+) Insecure Direct Object Reference
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12131
CVE-2024-12131 affects the WordPress plugin “WP Job Portal – A Complete Recruitment System for Company or Job Board website” (WordPress plugin). The issue is an Insecure Direct Object Reference caused by missing validation on a user-controlled key, enabling authenticated attackers with Subscriber...
WordPress plugin WP Job Portal 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-12132
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12132
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12132 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.4 - Authenticated (Subscriber+) Insecure Direct Object Reference
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12132 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.4 - Authenticated (Subscriber+) Insecure Direct Object Reference
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 due to missing validation on a user controlled key. This makes it possible for authenticated...
CVE-2024-12132
CVE-2024-12132 - WP Job Portal (WordPress) vulnerability : The WP Job Portal – A Complete Recruitment System plugin for WordPress is vulnerable to insecure direct object references in all versions up to 2.2.4 due to missing validation on a user-controlled key. This enables authenticated attackers...