
943 matches found

CNNVD
added 2022/11/08 12:0 a.m., 5 views

WordPress plugin wpForo Forum security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 5.4, AI score 5.2, EPSS 0.00485
Exploits 0, References 3
OSV
added 2022/11/03 8:15 p.m., 5 views

CVE-2021-36906

Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress...

CVSS 8.8, AI score 5.8
Exploits 0, References 2
Cvelist
added 2022/11/03 7:33 p.m., 18 views

CVE-2021-36906 WordPress Quiz And Survey Master plugin <= 7.3.6 - Multiple Insecure direct object references (IDOR) vulnerabilities

Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress...

CVSS 2.7, AI score 9, EPSS 0.00525
Exploits 0, References 2
CNNVD
added 2022/11/03 12:0 a.m., 3 views

WordPress plugin ExpressTech Quiz And Survey Master security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 8.8, AI score 7.9, EPSS 0.00525
Exploits 0, References 3
NVD
added 2022/11/02 12:15 p.m., 15 views

CVE-2022-39945

An improper access control vulnerability (CWE-284) in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains' information via insecure direct object references...

CVSS 6.5, EPSS 0.00349
Exploits 0, References 1
ATTACKERKB
added 2022/11/02 12:15 p.m., 2 views

CVE-2022-39945

An improper access control vulnerability (CWE-284) in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains' information via insecure direct object references...

CVSS 6.5, AI score 6.6, EPSS 0.00349
Exploits 0, References 2
Prion
added 2022/11/02 12:15 p.m., 18 views

Improper access control

An improper access control vulnerability (CWE-284) in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains' information via insecure direct object references...

CVSS 4.7, AI score 6.2, EPSS 0.00349
Exploits 0, References 1, Affected Software 1
Positive Technologies
added 2022/11/02 12:0 a.m., 6 views

PT-2022-25140 · Fortinet · Fortimail

Name of the Vulnerable Software and Affected Versions: FortiMail versions 6.0 through 7.2.0. Description: The issue allows an authenticated admin user assigned to a specific domain to access and modify other domains' information via insecure direct object references (IDOR). This is due to an imprope...

CVSS 6.5, AI score 6.2, EPSS 0.00349
Exploits 0, References 2
NVD
added 2022/10/18 2:15 p.m., 18 views

CVE-2022-41479

The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application...

CVSS 7.5, EPSS 0.01101
Exploits 1, References 3
CVE
added 2022/10/18 12:0 a.m., 94 views

CVE-2022-41479

CVE-2022-41479 affects DevExpress ASP.NET Web Forms Build v19.2.3. The DevExpress Resource Handler (ASPxHttpHandlerModule) does not verify objects referenced by the /DXR.axd?r= HTTP GET parameter, causing an Insecure Direct Object References (IDOR) that can expose the application source code (ven...

CVSS 7.5, AI score 7.6, EPSS 0.01101
Exploits 1, References 3, Affected Software 1
CNNVD
added 2022/10/13 12:0 a.m., 5 views

Octopus Server security vulnerability

Octopus Server is an automated deployment platform. Octopus Server suffers from a security vulnerability that stems from its insecure direct object references (IDORs) that may leak team information through the API...

CVSS 6.5, AI score 6.5, EPSS 0.00528
Exploits 0, References 2
NVD
added 2022/09/30 7:15 p.m., 11 views

CVE-2021-36865

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz...

CVSS 4.3, EPSS 0.00406
Exploits 0, References 2
OSV
added 2022/09/30 7:15 p.m., 4 views

CVE-2021-36865

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz...

CVSS 4.3, AI score 5.8, EPSS 0.00406
Exploits 0, References 2
Cvelist
added 2022/09/30 6:52 p.m., 24 views

CVE-2021-36865 WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz...

CVSS 3.8, AI score 4.9, EPSS 0.00406
Exploits 0, References 2
Vulnrichment
added 2022/09/30 6:52 p.m., 9 views

CVE-2021-36865 WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz...

CVSS 3.8, AI score 4.3, EPSS 0.00406
Exploits 0, References 2
CVE
added 2022/09/30 6:52 p.m., 74 views

CVE-2021-36865

CVE-2021-36865 affects WordPress environments using the ExpressTech/Quiz And Survey Master plugin family (WordPress Quiz And Survey Master/Quiz Master Next) up to version 7.3.4. The vulnerability is an insecure direct object reference (IDOR) that allows an attacker to change quiz content. Root ca...

CVSS 4.3, AI score 4.5, EPSS 0.00406
Exploits 0, References 2, Affected Software 1
Patchstack
added 2022/09/29 12:0 a.m., 16 views

WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references (IDOR) vulnerability leading to Changing of Quiz Content discovered by Ngo Van Thien (Patchstack Alliance) in WordPress Quiz And Survey Master plugin versions <= 7.3.4. Solution: Update the WordPress Quiz And Survey Master plugin to the latest available version at leas...

CVSS 4.3, AI score 3.2, EPSS 0.00406
Exploits 0, Affected Software 1
Patchstack
added 2022/09/26 12:0 a.m., 26 views

WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references (IDOR) vulnerability that allows subscriber+ users to mark any forum post as Solved/Unsolved was discovered by Dhakal Ananda (Patchstack Alliance) in the WordPress wpForo Forum plugin versions <= 2.0.5. Solution: Update the WordPress wpForo Forum plugin to the latest...

CVSS 5.4, AI score 3.1, EPSS 0.00485
Exploits 0, Affected Software 1
Patchstack
added 2022/09/26 12:0 a.m., 36 views

WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references (IDOR) vulnerability that allows subscriber+ users to mark any forum post as Private/Public was discovered by Dhakal Ananda (Patchstack Alliance) in the WordPress wpForo Forum plugin versions <= 2.0.5. Solution: Update the WordPress wpForo Forum plugin to the latest...

CVSS 6.3, AI score 3.1, EPSS 0.00455
Exploits 0, Affected Software 1
CNNVD
added 2022/09/16 12:0 a.m., 2 views

Canonical Ubuntu Linux input validation error vulnerability

Canonical Ubuntu Linux is a Linux operating system from Canonical, a British company. A security vulnerability exists in Canonical Ubuntu Linux that originates from incorrectly handling the reference count of certain objects, resulting in a denial of service. An attacker can exploit the...

CVSS 6.6, AI score 7.3, EPSS 0.00294
Exploits 1, References 8