23 matches found
EUVD-2026-26040
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...
CVE-2026-7178
ChatGPTNextWeb NextChat (up to version 2.16.1) contains a vulnerability in the Artifacts Endpoint: the storeUrl function in app/api/artifacts/route.ts can be manipulated via the argument ID to trigger server-side request forgery. This flaw is exploitable remotely over the network; exploitation ap...
CVE-2026-25563
WeKan versions prior to 8.19 contain an insecure direct object reference IDOR in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...
CVE-2026-25563 WeKan < 8.19 Checklist Creation Cross-Board IDOR
WeKan versions prior to 8.19 contain an insecure direct object reference IDOR in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...
WeKan Security Vulnerability
WeKan is an open-source kanban board application developed by WeKan. Versions of WeKan prior to 8.19 contain a security vulnerability. It stems from missing validation during checklist creation and in related checklist routes, which did not ensure that the...
EUVD-2023-40299
Incorrect access control in the /member/orderList API of xmall v1.1 allows attackers to arbitrarily access other users' order details via manipulation of the query parameter userId...
CVE-2025-13571
A vulnerability was determined in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /listorder.php. Manipulation of the argument ID can lead to SQL injection. The attack may be launched remotely. The exploit has been publicly...
CVE-2025-13116
A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit h...
CVE-2025-63248
DWSurvey 6.14.0 is affected by an Incorrect Access Control issue in the questionnaire deletion flow. Replacing the targeted questionnaire ID with another ID can enable deletion of additional questionnaires, revealing a path to unauthorized modification of data. Affected product: DWSurvey 6.14.0. ...
EUVD-2025-37032
mCarFix Motorists App version 2.3 package name com.skytop.mcarfix, developed by Paniel Mwaura, contains improper access control vulnerabilities. Attackers may bypass verification to arbitrarily register accounts, and by tampering with sequential numeric IDs, gain unauthorized access to user data...
CVE-2025-61118
mCarFix Motorists App version 2.3 package name com.skytop.mcarfix, developed by Paniel Mwaura, contains improper access control vulnerabilities. Attackers may bypass verification to arbitrarily register accounts, and by tampering with sequential numeric IDs, gain unauthorized access to user data...
BIT-DISCOURSE-2025-58055 Discourse AI Suggestions Contain Insecure Direct Object Reference
Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topicid...
EUVD-2025-24072
Malicious code in bioql PyPI...
CVE-2025-55370
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value...
PT-2025-34222 · Jsherp · Jsherp
Name of the Vulnerable Software and Affected Versions: jshERP version 3.5 Description: An incorrect access control issue exists in the \controller\ResourceController.java component of jshERP version 3.5. This allows unauthorized attackers to obtain all corresponding ID data by modifying the ID valu...
CVE-2025-55737
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code...
PT-2025-32463 · Unknown · Portabilis I-Educar
Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.9.0 Description: A critical issue exists in Portabilis i-Educar related to improper authorization. The vulnerability is located in the API Endpoint component, specifically within the /module/Api/pessoa fil...
HCL Technologies HCL Sametime Code Issue Vulnerability
HCL Sametime, a conferencing solution from HCL Technologies, has a security vulnerability in version 11.6. The vulnerability stems from the fact that the user SID in the application can be modified; an attacker can change the SID to enable arbitrary file...
CVE-2019-18642
Rock RMS version before 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be used to change the...