MTN Group: Broken Access Control(Horizontal Privilege Escalation).

The vulnerability allowed unauthorized users to gain access to sensitive information by modifying the phone number parameter in the URL. This led to a breach of access controls and potential security risks...

Sourcecodester Hospital Patient Records Management System 安全漏洞

SourceCodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourceCodester Hospital Patient Records Management System version 1.0 contains a horizontal override vulnerability, whi...

EXNESS: Access control vulnerability (read/write)

Horizontal privilege escalation that could be used to gain read/write access to some resources not associated with the current user...

Acronis: Local Privilege Escalation via EXE hijacking with Acronis True Image 2021 - Acronis Scheduler2 Service

Vulnerability description not provided...

Acronis: Local Privilege Escalation via EXE hijacking with Acronis True Image 2021 installer

Vulnerability description not provided...

American Orange Building Star has a horizontal overstepping operation vulnerability

Shanghai Meicang Technology Information Development Co., Ltd. is an Internet application service provider based on cloud computing. There is a horizontal override operation vulnerability in the user center of Mei Orange Building Star's My Orders position, which can be exploited by an attacker to...

Security Bulletin: IBM API Connect V5 is vulnerable to horizontal privilege escalation (CVE-2018-1859)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1859 DESCRIPTION: IBM API Connect V5 could allow a user authenticated as an administrator with limited rights to escalate their privileges. CVSS Base Score: 4.3 CVSS Temporal Score: See for th...

Tapplock Smart Lock Insecure Direct Object Reference

The server http://api.tapplock.com/ which servers as the api server for the tapplock smart lock is vulnerable to multiple authorization bypasses allowing horizontal escalation of privileges which could lead to the disclosure of all the info of all users and total compromise of every lock. The...

CVE-2015-8332

Huawei Video Content Management VCM before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation...

CVE-2015-8332

Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly authenticate online user identities and privileges, enabling horizontal privilege escalation where remote authenticated users can perform operations as other users by crafting messages. Affected component is the VCM ...

CVE-2017-6785

A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration. The vulnerability is due to lack of prop...

Cisco Unified Communications Manager Horizontal Privilege Escalation Vulnerability

A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration. The vulnerability is due to lack of prop...