4441 matches found
Tyler Technologies Tyler Odyssey信息泄露漏洞
Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, Inc. An information disclosure vulnerability exists in versions of Tyler Technologies Tyler Odyssey prior to 17.1.20, which stems from an insecure direct object reference issue in the platform. An...
CVE-2022-26665
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records...
CVE-2022-26665
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records...
Design/Logic Flaw
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records...
CVE-2022-26665
Tyler Odyssey Portal (before 17.1.20) is affected by CVE-2022-26665 due to an Insecure Direct Object Reference (IDOR) vulnerability in what appears to be the platform’s handling of case records. The issue could allow an external party to access sensitive case records. Connected sources confirm th...
Tyler Technologies Tyler Odyssey 安全漏洞
Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, Inc. An information disclosure vulnerability exists in versions of Tyler Technologies Tyler Odyssey prior to 17.1.20, which stems from an insecure direct object reference issue in the platform. An...
PT-2022-17995 · Tyler · Tyler Odyssey Portal
Name of the Vulnerable Software and Affected Versions: Tyler Odyssey Portal platform versions prior to 17.1.20 Description: An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform. This may allow an external party to access sensitive case records. Recommendations: Fo...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
Design/Logic Flaw
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
CVE-2022-29287
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights default is Administrator to export the user options of any user, even ones with higher privileges like Global Administrators than the current user. The exported XML...
MTN Group: Unprotected Direct Object Reference
Hello MTN Security Team, During my hunting, I discovered that there's an Insecure Direct Object Reference on https://nin.mtnonline.com Vulnerable Path: https://nin.mtnonline.com/nin/success?message=1 Steps To Reproduce: You may not even require to submit any NIN before accessing this unprotected...
SAM SUNNY TRIPOWER 5.0 Insecure Direct Object Reference
Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...
SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference Vulnerability
Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept ============ Normal us...
SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)
Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...
CVE-2021-46416
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling...
CVE-2021-46416
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling...
CVE-2021-46416
CVE-2021-46416 concerns the SUNNY TRIPOWER 5.0 firmware (version 3.10.16.R). The vulnerability arises from insecure cookie handling that enables an insecure direct object reference, allowing an unauthorized user group to access restricted functionality. The issue is described in the CVE entry as ...
SMA Solar Technology SUNNY TRIPOWER 安全漏洞
The SMA Solar Technology SUNNY TRIPOWER is a solar inverter from SMA Solar Technology, Germany. A security vulnerability exists in SMA Solar Technology SUNNY TRIPOWER 5.0, which stems from an insecure direct object reference that could lead to unauthorized user group access due to insecure cookie...