3461 matches found

Source: 0day.today, added 2023/06/08 12:00 a.m., 326 views

WordPress Directorist 7.5.4 Insecure Direct Object Reference / Privilege Escalation Vulnerabilities

Alongside our usual work to discover, report, and remediate vulnerabilities in the WordPress ecosystem, the WordPress Threat Intelligence team has been conducting a deep-dive into WordPress plugin code with the objective of finding methods to bypass authentication and gain elevated privileges in...

CVSS 8.8, AI score 7.1, EPSS 0.00984
Exploits: 2
Source: Tenable Nessus, added 2023/06/06 12:00 a.m., 22 views

FreeBSD : Kanboard -- Multiple vulnerabilities (bfca647c-0456-11ee-bafd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bfca647c-0456-11ee-bafd-b42e991fc52e advisory. - Kanboard is open source project management software that focuses on the Kanban methodology...

CVSS 6.5, AI score 6.5, EPSS 0.00625
Exploits: 4, References: 9
Source: NVD, added 2023/06/05 8:15 p.m., 22 views

CVE-2023-33956

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference IDOR vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any...

CVSS 6.5, AI score 4.9, EPSS 0.00625
Exploits: 1, References: 2
Source: OSV, added 2023/06/05 8:15 p.m., 4 views

DEBIAN-CVE-2023-33956

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference IDOR vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any...

CVSS 6.5, AI score 6.5, EPSS 0.00625
Exploits: 1, References: 1
Source: Vulnrichment, added 2023/06/05 7:34 p.m., 7 views

CVE-2023-33956 Parameter based Indirect Object Referencing leading to private file exposure in Kanboard

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference IDOR vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any...

CVSS 4.3, AI score 6.3, EPSS 0.00625
Exploits: 1, References: 2
Source: CVE, added 2023/06/05 7:34 p.m., 65 views

CVE-2023-33956

The CVE-2023-33956 entry affects Kanboard before 1.2.30, with an IDOR in a URL parameter that lets any authenticated user read files uploaded by others (under /files), enabling unauthorized disclosure of sensitive documents. The vulnerability stems from insecure direct object reference without pr...

CVSS 6.5, AI score 5.3, EPSS 0.00625
Exploits: 1, References: 2, Affected Software: 1
Source: Positive Technologies, added 2023/06/05 12:00 a.m., 5 views

PT-2023-24596 · Kanboard · Kanboard

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.30 Description: The issue is related to an Insecure direct object reference IDOR vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any other...

CVSS 6.5, AI score 6.2, EPSS 0.00625
Exploits: 1, References: 6
Source: Positive Technologies, added 2023/05/30 12:00 a.m., 6 views

PT-2023-13465 · Unknown · Shop Beat Media Player

Name of the Vulnerable Software and Affected Versions: Shop Beat Media Player versions 2.5.95 through 3.2.57 Description: The issue concerns an Insecure Direct Object Reference IDOR vulnerability. It is exploited via the controlpanel.shopbeat.co.za endpoint. Recommendations: For versions 2.5.95...

CVSS 9.1, AI score 7, EPSS 0.0053
Exploits: 0, References: 3
Source: CNNVD, added 2023/05/30 12:00 a.m., 3 views

Shop Beat Media Player Security Vulnerability

Shop Beat is a media player from Shop Beat, Inc. A security vulnerability exists in Shop Beat Media Player versions 2.5.95 through 3.2.57 that stems from vulnerability to insecure direct object reference attacks...

CVSS 9.1, AI score 8.2, EPSS 0.0053
Exploits: 0, References: 2
Source: ATTACKERKB, added 2023/05/20 4:15 a.m., 2 views

CVE-2023-2276

The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization an...

CVSS 9.8, AI score 7.2, EPSS 0.01093
Exploits: 0, References: 5
Source: Hacker One, added 2023/05/02 3:56 a.m., 140 views

HackerOne: Insecure Direct Object Reference (IDOR) - Delete Campaigns

An insecure direct object reference IDOR vulnerability was discovered on a website, which allowed an attacker to delete any campaign based on the campaign ID. By modifying the campaign ID parameter in the request, an attacker could delete campaigns on any program. This vulnerability could have...

AI score 6.9
Exploits: 0
Source: NVD, added 2023/04/15 11:15 p.m., 29 views

CVE-2018-17449

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference...

CVSS 7.5, AI score 7.2, EPSS 0.00839
Exploits: 0, References: 2
Source: NVD, added 2023/04/15 11:15 p.m., 19 views

CVE-2018-17455

An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the "merge request approvals"...

CVSS 7.5, AI score 7.1, EPSS 0.00621
Exploits: 0, References: 2
Source: OSV, added 2023/04/15 11:15 p.m., 27 views

CVE-2018-17455

An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the "merge request approvals"...

CVSS 7.5, AI score 7.3
Exploits: 0, References: 2
Source: Prion, added 2023/04/15 11:15 p.m., 21 views

Information disclosure

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference...

CVSS 5, AI score 7.3, EPSS 0.00839
Exploits: 0, References: 2, Affected Software: 1
Source: Prion, added 2023/04/15 11:15 p.m., 22 views

Design/Logic Flaw

An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the "merge request approvals"...

CVSS 5, AI score 7.2, EPSS 0.00621
Exploits: 0, References: 2, Affected Software: 1
Source: UbuntuCve, added 2023/04/15 11:15 p.m., 24 views

CVE-2018-17449

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference...

CVSS 7.5, AI score 7.1, EPSS 0.00839
Exploits: 0, References: 2
Source: Vulnrichment, added 2023/04/15 12:00 a.m., 8 views

CVE-2018-17449

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference...

AI score 6.5, EPSS 0.00839
Exploits: 0, References: 2
Source: AlpineLinux, added 2023/04/14 2:15 p.m., 30 views

CVE-2022-45175

An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/ID-FILE/c/N/C/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a...

CVSS 6.5, AI score 6.7, EPSS 0.00717
Exploits: 1, References: 1
Source: OSV, added 2023/04/14 2:15 p.m., 3 views

CVE-2022-45175

An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/ID-FILE/c/N/C/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a...

CVSS 6.5, AI score 5.8, EPSS 0.00717
Exploits: 1, References: 1