Lucene search
4420 matches found

CNVD
added 2018/05/22 12:00 a.m., 3 views

ASUSTOR AS6202T ADM Insecure Direct Object Reference Vulnerability

ADM ASUSTOR Data Manager is the operating system and user interface for ASUSTOR NAS. An insecure direct object reference vulnerability exists in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3. An attacker could use this vulnerability to reference the "downloadsyssettings" action to arbitrarily...

CVSS 4.3, AI score 5, EPSS 0.01275
Exploits 1, References 1
WPVulnDB
added 2018/05/10 12:00 a.m., 13 views

BBE Theme < 1.53 - Direct Object Reference

The bbe WordPress theme was affected by a Direct Object Reference security vulnerability...

CVSS 5, AI score 1.8, EPSS 0.00959
Exploits 0, References 1, Affected Software 1
Hacker One
added 2018/05/09 4:58 a.m., 19 views

New Relic: IDOR via internal_api "users" endpoint

While trying to figure out what the heck is going on with 347664, I stumbled upon another way to perform the "gift that keeps on giving", as @ahamlin put it. Steps to reproduce: 1. Add an unconfirmed user to your account 2. Navigate to https://alerts.newrelic.com/accounts/1523936/channels 3. Click ...

AI score 7
Exploits 0
exploitpack
added 2018/04/16 12:00 a.m., 33 views

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference...

AI score 1.6
Exploits 0
Exploit DB
added 2018/04/16 12:00 a.m., 52 views

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference

Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam CR25iNG - 10.6.3 MR-5 CVE : CVE-2016-7786 Category :...

CVSS 9, AI score 8.9, EPSS 0.06984
Exploits 3
CNVD
added 2018/03/15 12:00 a.m., 2 views

SecurEnvoy SecurMail Insecure Direct Object Reference Vulnerability

SecurEnvoy SecurMail allows you to send email securely. An insecure direct object reference vulnerability exists in SecurEnvoy SecurMail before 9.2.501. A remote authenticated user can exploit this vulnerability to read arbitrary email messages via the option1 parameter in the reply action of...

CVSS 6.5, AI score 6.8, EPSS 0.04885
Exploits 5, References 1
myhack58
added 2018/03/14 12:00 a.m., 111 views

How to exploit CSRF vulnerabilities on JSON endpoints - vulnerability warning - the black bar safety net

(CSRF + Flash + HTTP 307) = don't say it is "dead"! If you want to exploit a CSRF vulnerability on a JSON endpoint through a third-party server controlled by the attacker, I recommend a GitHub project called json-flash-csrf-poc [download]. Background story: In a recent penetration...

AI score 7.1
Exploits 0
exploitpack
added 2018/03/13 12:00 a.m., 49 views

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501...

CVSS 6.4, AI score 0.3, EPSS 0.14717
Exploits 10
0day.today
added 2018/03/13 12:00 a.m., 52 views

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

Exploit for asp platform in category web applications ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501 or hotfix patch "1012018" CVE number:...

AI score 6.9, EPSS 0.14717
Exploits 10
Packet Storm
added 2018/03/12 12:00 a.m., 64 views

SecurEnvoy SecurMail 9.1.501 XSS / CSRF / Traversal

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501 or hotfix patch "1012018" CVE number: CVE-2018-7701,...

AI score 6.9, EPSS 0.14717
Exploits 10
CNVD
added 2018/03/05 12:00 a.m., 2 views

TestLink Insecure Direct Object Reference Vulnerability

TestLink is a PHP-based open source test management tool developed by the TestLink team. The tool provides test requirements management, test case management, test data statistics and other functions. A security vulnerability exists in TestLink 1.9.16 and previous versions. A remote attacker can send a...

CVSS 7.5, AI score 6.9, EPSS 0.01535
Exploits 1, References 1
Tenable Nessus
added 2018/03/02 12:00 a.m., 620 views

Telerik UI for ASP.NET AJAX RadAsyncUpload Multiple Vulnerabilities

The version of Telerik UI for ASP.NET AJAX installed on the remote Windows host is affected by multiple vulnerabilities in Telerik.Web.UI.dll. An unauthenticated, remote attacker can exploit this, via specially crafted data, to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Securit...

CVSS 9.8, AI score 9.2, EPSS 0.83476
Exploits 9, References 4
0day.today
added 2018/02/28 12:00 a.m., 76 views

TestLink Open Source Test Management Insecure Direct Object Reference Vulnerability

Exploit for php platform in category web applications ======================================================================= title: Insecure Direct Object Reference product: TestLink Open Source Test Management vulnerable version: 1.9.17 fixed version: 1.9.17 after November 2017, and the current...

AI score 7.4
Exploits 0
Tenable Nessus
added 2018/02/22 12:00 a.m., 27 views

FreeBSD : GitLab -- multiple vulnerabilities (86291013-16e6-11e8-ae9f-d43d7e971a1b)

GitLab reports : SnippetFinder information disclosure The GitLab SnippetFinder component contained an information disclosure which allowed access to snippets restricted to Only team members or configured as disabled. The issue is now resolved in the latest version. LDAP API authorization issue An...

AI score 5.5
Exploits 0, References 2
FreeBSD
added 2018/02/07 12:00 a.m., 9 views

GitLab -- multiple vulnerabilities

GitLab reports: SnippetFinder information disclosure The GitLab SnippetFinder component contained an information disclosure which allowed access to snippets restricted to Only team members or configured as disabled. The issue is now resolved in the latest version. LDAP API authorization issue An...

AI score 5.8
Exploits 0, References 1
Exploit DB
added 2018/01/24 12:00 a.m., 138 views

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

Exploit Title: Telerik UI for ASP.NET AJAX RadAsyncUpload uploader Filename: RAUcrypto.py Github: https://github.com/bao7uo/RAUcrypto Date: 2018-01-23 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version: Telerik UI for ASP.NET AJAX CVE: CVE-2017-11317,...

CVSS 9.8, AI score 9.8, EPSS 0.83476
Exploits 9
Hacker One
added 2018/01/17 1:29 p.m., 12 views

ok.ru: Bypass of closed-profile restrictions, gaining the ability to comment on private gifts and view them

Insecure direct object reference allowed posting comments to user gifts despite privacy settings. The vulnerability made it possible to create comments on a user's gifts even when this is prohibited by the privacy settings...

AI score 1.4
Exploits 0
seebug.org
added 2017/12/29 12:00 a.m., 36 views

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak

Summary We introduce SDT-CS3B1 LTE router which is a SKT 3G and 4G LTE wireless communication based LTE router product. Description Insecure direct object references occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attacke...

AI score 7
Exploits 0
0day.today
added 2017/12/28 12:00 a.m., 67 views

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0...

AI score 7.1
Exploits 0
Packet Storm
added 2017/12/27 12:00 a.m., 52 views

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model: PM-L300S Summary: We introduce SDT-CS3B1 LTE...

AI score 7.4
Exploits 0