955 matches found
PT-2026-35405
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
EUVD-2026-24748
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
CVE-2026-6355
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
CVE-2026-6355 CVE-2026-6355
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
CVE-2026-6355
CVE-2026-6355 describes a vulnerability in a web application where unauthorized users can access and manipulate sensitive data across tenants by exploiting insecure direct object references. The root cause is insecure handling of object identifiers that allows cross-tenant access and configuratio...
CVE-2026-6355 CVE-2026-6355
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
PT-2026-34334
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An insecure direct object reference allows unauthorized users to access and manipulate sensitive data across different tenants. This can result in unauthorized...
Augmentt 安全漏洞
Augmentt is a SaaS management and automation platform developed by Augmentt Inc. in Canada. There is a security vulnerability in Augmentt, which stems from insecure direct object references in web applications. This vulnerability could allow unauthorized users to access and manipulate sensitive...
Horilla 访问控制错误漏洞
Horilla is a free open-source human resources software developed by Horilla Company. Version 1.5.0 of Horilla contains an access control vulnerability, which stems from insecure direct object references in the employee document viewer. This vulnerability could allow any authenticated user to acce...
WordPress EventPrime plugin <= 4.3.0.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by James Pirstin in WordPress Plugin EventPrime versions = 4.3.0.0...
WordPress plugin LatePoint 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress FluentBoards plugin <= 1.91.2 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Jakub Herman in WordPress Plugin FluentBoards versions = 1.91.2...
CVE-2026-40784 WordPress FluentBoards plugin <= 1.91.2 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through = 1.91.2...
CVE-2026-40784 WordPress FluentBoards plugin <= 1.91.2 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through = 1.91.2...
CVE-2026-40784
The CVE concerns the WordPress FluentBoards plugin (FluentBoards fluent-boards) <= 1.91.2, with an Insecure Direct Object References (IDOR) vulnerability described as an Authorization Bypass Through User-Controlled Key. Root cause: incorrectly configured access control security levels. Affecte...
CVE-2026-40737 WordPress COMPE plugin <= 1.1.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects COMPE: from n/a through = 1.1.4...
CVE-2026-40737 WordPress COMPE plugin <= 1.1.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects COMPE: from n/a through = 1.1.4...
WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Chamilo LMS 安全漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained security vulnerabilities. These vulnerabilitie...