2754 matches found
CVE-2026-0562 Insecure Direct Object Reference (IDOR) in parisneo/lollms
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-0562
CVE-2026-0562 affects parisneo/lollms up to version 2.2.0. The vulnerability is an IDOR in the respond_request() flow at /api/friends/requests/{friendship_id}, where the authenticated user is not checked for membership in the friendship or for being the intended recipient. As described in Red Hat...
msfpro
msfpro 🔥 Lightweight Web Exploitation Framework for Bug Bou...
CVE-2026-33931
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...
CVE-2026-33730 Open Source Point of Sale has an IDOR in Password Change (Home)
Open Source Point of Sale opensourcepos is a web based point of sale application written in PHP using CodeIgniter framework. Prior to version 3.4.2, an Insecure Direct Object Reference IDOR vulnerability allows an authenticated low-privileged user to access the password change functionality of...
CVE-2026-32120
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...
GO-2026-4814 New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api...
CVE-2026-3111
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-30886
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.11.4-alpha.2, an Insecure Direct Object Reference IDOR vulnerability in the video proxy endpoint GET /v1/videos/:taskid/content allows any authenticated user to access video...
CVE-2026-32736
The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. An Insecure Direct Object Reference IDOR vulnerability in versions of the wiki prior to 1.0.0 exposes mod authors' personal information - including full names and email addresses - to any authenticated...
CVE-2026-1704
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.9.29. This is due to the getitempermissionscheck method granting access to users with the...
CVE-2026-1947
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 9.1.9 via the submitnexform function due to missing validation on a user controlled key. This makes it possible for unauthenticated...
CVE-2026-24901
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, an Insecure Direct Object Reference IDOR vulnerability in the document restoration logic allows any team member to unauthorizedly restore, view, and seize ownership of deleted drafts belonging to other users,...
CVE-2026-2931
The CVE-2026-2931 entry concerns the Amelia Booking plugin for WordPress (versions up to and including 9.1.2). The vulnerability is an Insecure Direct Object Reference that allows a user-controlled access to objects, enabling authenticated users with customer-level permissions or higher to change...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.3 contained security...
CVE-2026-33931
Vulnerability summary (CVE-2026-33931) : OpenEMR prior to version 8.0.0.3 contains an insecure direct object reference (IDOR) in the patient portal payment page. By manipulating the recid parameter in portal/portal_payment.php, any authenticated portal patient could access other patients’ payment...
CVE-2026-32120
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...
CVE-2026-32120
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...
EUVD-2026-16010
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...
GHSA-JFMM-MJCP-8WQ2 Vikjuna: IDOR in Task Attachment ReadOne Allows Cross-Project File Access and Deletion
Summary TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads a different attachment that may belong to a task in another project. This allows...