4405 matches found
Lost and Found Information System security breach
Lost and Found Information System is a lost and found information system by the individual developer oretnom23. A security vulnerability exists in version 1.0 of the Lost and Found Information System, which stems from an insecure direct object reference vulnerability in the system that allows account...
CVE-2023-45393
An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie...
Information disclosure
An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie...
Incorrect Authorization
Overview: magento/project-community-edition is an eCommerce Platform for Growth (Community Edition). Affected versions of this package are vulnerable to Incorrect Authorization through the V1/customers/me endpoint. An attacker can achieve information exposure and privilege escalation by triggering an...
Incorrect Authorization
Overview: magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization through the V1/customers/me endpoint. An attacker can achieve information exposure and privilege escalation by triggering an insecure direct object...
CVE-2023-45396
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12...
Design/Logic Flaw
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12...
Elenos ETG150 Security Vulnerability
The Elenos ETG150 is an FM transmitter from Elenos. A security vulnerability exists in the Elenos ETG150 FM transmitter version 3.12, which originates from an insecure direct object reference (IDOR) that occurs when an application provides direct access to an object based on user-supplied input...
PT-2023-29547 · Elenos · Elenos Etg150 Fm Transmitter
Name of the Vulnerable Software and Affected Versions: Elenos ETG150 FM transmitter version 3.12. Description: An Insecure Direct Object Reference (IDOR) issue allows access to events profiles. Recommendations: For Elenos ETG150 FM transmitter version 3.12, consider restricting access to sensitive...
CVE-2023-45396
CVE-2023-45396 is an IDOR vulnerability affecting Elenos ETG150 FM transmitter version 3.12. The issue enables access to sensitive assets (events profiles) due to insecure direct object references in the application. Connected sources (Red Hat advisory, NVD, PT Security, CNNVD, and others) consis...
Chicv Management System Login 4.5.6 Insecure Direct Object Reference
Title: Chicv Management System Login v4.5.6 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 63.0....
GHSA-896V-PH5W-379H Economizzer Insecure Direct Object Reference vulnerability
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment...
CVE-2023-38872
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment...