4441 matches found
LISTSERV 17 - Insecure Direct Object Reference (IDOR)
Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Date: 12/02/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019...
CVE-2023-24625
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference IDOR attack...
Design/Logic Flaw
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference IDOR attack...
CVE-2023-24625
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference IDOR attack...
Improper Authorization
nilsteampassnet/teampass is vulnerable to Improper Authorization. The vulnerability allows an attacker with low-level privileges to logout everyone out including the admin due to an Insecure Direct Object References IDOR via the user ID...
WordPress WooCommerce Multiple Customer Addresses & Shipping Plugin < 21.7 is vulnerable to Insecure Direct Object References (IDOR)
Software WooCommerce Multiple Customer Addresses & Shipping Type Plugin Vulnerable versions 21.7 Fixed in 21.7 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-0865 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID...
Atlassian Jira 8.6.0 < 8.9.2 Disclosure Of Private Project Titles
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 7.0.6 prior to version 7.13.16, 8.0.0 prior to 8.5.7, 8.6.0 prior to 8.9.2 or 8.10.0 prior to 8.10.1. It is, therefore, affected by a vulnerability which allow remote attackers to view...
Atlassian Jira 7.0.6 < 7.13.16 Disclosure Of Private Project Titles
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 7.0.6 prior to version 7.13.16, 8.0.0 prior to 8.5.7, 8.6.0 prior to 8.9.2 or 8.10.0 prior to 8.10.1. It is, therefore, affected by a vulnerability which allow remote attackers to view...
Atlassian Jira 8.0.0 < 8.5.7 Disclosure Of Private Project Titles
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 7.0.6 prior to version 7.13.16, 8.0.0 prior to 8.5.7, 8.6.0 prior to 8.9.2 or 8.10.0 prior to 8.10.1. It is, therefore, affected by a vulnerability which allow remote attackers to view...
Insecure Direct Object Reference
wallabag/wallabag is vulnerable to Insecure Direct Object Reference. The vulnerability is due to improper authentication checks in the addTagFormAction function of TagController.php which allows an admin authenticated remote attacker to add tags and get direct access to objects in the internal...
Atlassian Jira < 8.13.12 Indirect Direct Object Reference In Status Gadget
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.20.0. It is, therefore, affected by a vulnerability which allows anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object...
Atlassian Jira 8.14.x < 8.20.0 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.20.0. It is, therefore, affected by multiple vulnerabilities: - A Insecure Direct Object References IDOR vulnerability which may allow unauthenticated remote attackers to vi...
PT-2023-18684 · WordPress · Wcfm Membership
Name of the Vulnerable Software and Affected Versions: WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress versions up to, and including, 2.10.7 Description: The issue is related to Insecure Direct Object References, which allows user-controlled access to...
CVE-2023-0453 WP Private Message < 1.0.6 - Private Message Disclosure via IDOR
The WP Private Message WordPress plugin bundled with the Superio theme as a required plugin before 1.0.6 does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by...
Moodle 3.10.x < 3.10.8 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.11, 3.10.x prior to 3.10.8 or 3.11.x prior to 3.11.4. It is, therefore, affected by multiple vulnerabilities: - A Remote Code Execution when restoring malformed backup files. CVE-2021-3943 - A vulnerable version of mlbackend...
Moodle 4.0.x < 4.0.6 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability due to the lack of sanitization of some returnurl...
Moodle 3.11.x < 3.11.12 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability due to the lack of sanitization of some returnurl...
Moodle 3.9.x < 3.9.19 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability due to the lack of sanitization of some returnurl...
Moodle 3.9.x < 3.9.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.5.x prior to 3.5.17, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.5 or 3.10.x prior to 3.10.2. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability attack due to the lack of sanitization of th...
SUSE CVE-2018-17449
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference...