Lucene search
K

1954 matches found

ThreatPost
ThreatPost
added 2014/09/22 12:4 p.m.12 views

MyFitnessPal App Patches Privacy Vulnerability

The details of a patched vulnerability in a popular mobile fitness application have been disclosed three months after a fixed was released. The flaw could have allowed a user to fetch the personal profile of another registered app user. MyFitnessPal deployed a fix on June 26 for a privacy flaw in...

6.5AI score
Exploits0References4
securityvulns
securityvulns
added 2014/02/03 12:0 a.m.72 views

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail

These vulnerabilities allow for a complete take over giving full administrative access as well as remote shells on the servers that they are installed on. Each of these suffer from Insecure Direct Object Reference Vulnerabilities. Due to the details of the attack and screen shots, they can be fou...

2.1AI score
Exploits0
NVD
NVD
added 2012/10/06 9:55 p.m.15 views

CVE-2012-1565

Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference...

7.5CVSS6.4AI score0.02031EPSS
Exploits0References7
Prion
Prion
added 2012/10/06 9:55 p.m.10 views

Design/Logic Flaw

Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference...

7.5CVSS7AI score0.02031EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2012/10/06 9:0 p.m.59 views

CVE-2012-1565

Technical details and affected versions are not publicly available in the provided documents. Monitor for updates from official advisories.

7.5CVSS6.6AI score0.02031EPSS
Exploits0References7Affected Software1
Packet Storm
Packet Storm
added 2010/09/21 12:0 a.m.38 views

Tuenti.com Insecure Direct Object Reference

============================================= INTERNET SECURITY AUDITORS ALERT 2010-008 - Original release date: August 30th, 2010 - Last revised: September 21st, 2010 - Discovered by: Vicente Aguilera Diaz - Severity: 4/10 CVSSv2 Base Scored ============================================= I...

7.4AI score
Exploits0
Prion
Prion
added 2010/09/14 5:0 p.m.16 views

Directory traversal

Directory traversal vulnerability in sla/index.php in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. dot dot in the l parameter, related to an "Insecur...

4CVSS6.5AI score0.01292EPSS
Exploits2References2Affected Software1
securityvulns
securityvulns
added 2010/09/14 12:0 a.m.64 views

MVSA-10-008 / CVE-2010-0154 - IBM Proventia Mail Security System - Insecure Direct Object Reference vulnerability

Security Advisory: MVSA-10-008 / CVE-2010-0154 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: Insecure Direct Object Reference Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-008...

4CVSS0.6AI score0.01292EPSS
Exploits2
Packet Storm
Packet Storm
added 2010/09/14 12:0 a.m.43 views

Proventia Network Mail Security System Insecure Direct Object Reference

Security Advisory: MVSA-10-008 / CVE-2010-0154 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: Insecure Direct Object Reference Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-008...

4CVSS6.7AI score0.01292EPSS
Exploits2
Packet Storm
Packet Storm
added 2010/02/25 12:0 a.m.27 views

Article Friendly Local File Inclusion

======================================================================= Article friendly Insecure direct object Referece Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/06/04 12:0 a.m.38 views

quicksite-multi.txt

www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description: QuickerSite is a Content Management...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/06/04 12:0 a.m.42 views

QuickerSite 1.8.5 Multiple Remote Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/06/03 12:0 a.m.30 views

QuickerSite 1.8.5 - Multiple Vulnerabilities

QuickerSite 1.8.5 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/03 12:0 a.m.56 views

QuickerSite 1.8.5 - Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description: QuickerSite is a Content Management...

7.4AI score
Exploits0
Rows per page
Query Builder