Dmacroweb DM Corporative CMS Insecure Direct Elephant Reference Vulnerability (CNVD-2025-14361)

Dmacroweb DM Corporative CMS is a content management system from the Spanish company Dmacroweb. Dmacroweb DM Corporative CMS suffers from an insecure direct object reference vulnerability, which originates from the parameter option in the file /administer/selectionnode/selection.asp that fails to...

Dmacroweb DM Corporative CMS Insecure Direct Elephant Reference Vulnerability (CNVD-2025-14359)

Dmacroweb DM Corporative CMS is a content management system from the Spanish company Dmacroweb. Dmacroweb DM Corporative CMS suffers from an insecure direct object reference vulnerability, which stems from the failure of the option parameter in the file /administer/selectionnode/framesSelection.a...

CVE-2025-40661

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp...

CVE-2025-40660

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1;=1&id2;=1session==1=0...

CVE-2025-40659

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp...

CVE-2025-40658

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp...

CVE-2025-40658

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp...

CVE-2025-40659

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp...

CVE-2025-40660

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0...

CVE-2025-40661

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp...

CVE-2025-40661

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp...

CVE-2025-40661 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp...

CVE-2025-40661 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp...

CVE-2025-40661

CVE-2025-40661 corresponds to an Insecure Direct Object Reference (IDOR) in DM Corporative CMS. The vulnerability arises from improper access control around the option parameter in /administer/selectionnode/selection.asp, allowing an attacker to access the private area by setting option to 0, 1 o...

CVE-2025-40660 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0...

CVE-2025-40660

CVE-2025-40660 describes an IDOR in DM Corporative CMS. An attacker can access a private area by setting option to 0, 1, or 2 in /administer/select node/data.asp (parameters include mode, id1, id2, session, cod, networks). Multiple connected sources confirm the vulnerability core: insecure direct...

CVE-2025-40659 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp...

CVE-2025-40659 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp...

CVE-2025-40659

DM Corporative CMS is affected by an Insecure Direct Object Reference (IDOR) in the endpoint /administer/selectionnode/framesSelectionNetworks.asp, caused by insufficient access control when the option parameter is set to 0, 1, or 2. The vulnerability lets an attacker access the private area data...

CVE-2025-40658 Insecure Direct Object Reference (IDOR) vulnerability in DM Corporative CMS

An Insecure Direct Object Reference IDOR vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp...