Gravitl Netmaker 安全漏洞

Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. For creating and controlling automated virtual networks. A security vulnerability exists in Gravitl Netmaker versions prior to 0.18.6 that stems from the...

SUSE CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference

==================================================================================================================================== | Title : helloGTX Travel Portal CRM v1.6 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser ...

DEBIAN-CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

CVE-2023-3105

The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

Kanboard 信息泄露漏洞

Kanboard is a suite of open source visual task board software. The software has the ability to customize the panels according to the business. An information disclosure vulnerability exists in Kanboard versions prior to 1.2.30, which stems from an insecure direct object reference IDOR vulnerabili...

CVE-2023-2548

The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab, which stems from an insecure direct...

SUSE CVE-2020-8154

An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint...

CVE-2023-0550

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu...

CVE-2023-0550

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu...

CVE-2022-3995 TeraWallet – For WooCommerce <= 1.4.3 - Insecure Direct Object Reference

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lockunlockterawallet AJAX action. This makes it possible for authenticated attackers, with...

WordPress plugin TeraWallet 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An insecure direct object...

Telos Alliance Omnia MPX Node 安全漏洞

The Telos Alliance Omnia MPX Node is a specialized hardware codec from Telos Alliance, USA. Capable of transmitting or receiving full FM signals at data rates as low as 320 kbps using the Omnia μMPXTM algorithm, it is ideally suited for capacity-limited networks, including IP radios. An insecure...

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2022-40206

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...

CVE-2022-36966

Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference IDOR vulnerability in SolarWinds Platform 2022.3 and previous...

SolarWinds Platform 安全漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A security vulnerability exists in SolarWinds Platform version 2022.3 and prior versions that stems from an insecure direct object reference IDOR. An attacker with node...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE versions 14.5 through 15.1.6,...