4372 matches found
CVE-2026-33030
Nginx UI is a web user interface for the Nginx web server. In versions 2.3.3 and prior, Nginx-UI contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user to access, modify, and delete resources belonging to other users. The application's base Model struct...
CVE-2026-33030 Nginx UI: Unencrypted Storage of DNS API Tokens and ACME Private Keys
Nginx UI is a web user interface for the Nginx web server. In versions 2.3.3 and prior, Nginx-UI contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user to access, modify, and delete resources belonging to other users. The application's base Model struct...
WordPress Download Monitor plugin <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id' vulnerability
Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'orderid' vulnerability discovered by Hung Nguyen bashu - VN in WordPress Plugin Download Monitor versions = 5.1.7...
EUVD-2026-17052
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary...
CVE-2026-3124
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary...
CVE-2026-3124
The CVE-2026-3124 issue affects the WordPress Download Monitor plugin up to version 5.1.7. The root cause is Insecure Direct Object Reference via the executePayment() function due to missing validation on a user controlled key. This enables unauthenticated attackers to complete arbitrary pending ...
CVE-2026-3124
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary...
CVE-2026-3124 Download Monitor <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id'
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary...
CVE-2026-3124 Download Monitor <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id'
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary...
Nginx UI 安全漏洞
Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI 2.3.3 and earlier have security vulnerabilities. These vulnerabilities stem from insecure direct object references, allowing any authenticated user to access, modify, and delete resources of other users...
PT-2026-28427
Name of the Vulnerable Software and Affected Versions Download Monitor plugin for WordPress versions prior to 5.1.8 Description The software contains an Insecure Direct Object Reference issue in the executePayment function. Missing validation on a user-controlled key allows unauthenticated...
PYSEC-2026-204
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-0562
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-0562 Insecure Direct Object Reference (IDOR) in parisneo/lollms
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-0562
CVE-2026-0562 affects parisneo/lollms up to version 2.2.0. The vulnerability is an IDOR in the respond_request() flow at /api/friends/requests/{friendship_id}, where the authenticated user is not checked for membership in the friendship or for being the intended recipient. As described in Red Hat...
CVE-2026-0562 Insecure Direct Object Reference (IDOR) in parisneo/lollms
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-0562
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...
CVE-2026-33730
Open Source Point of Sale opensourcepos is a web based point of sale application written in PHP using CodeIgniter framework. Prior to version 3.4.2, an Insecure Direct Object Reference IDOR vulnerability allows an authenticated low-privileged user to access the password change functionality of...
SUSE CVE-2026-30886
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.11.4-alpha.2, an Insecure Direct Object Reference IDOR vulnerability in the video proxy endpoint GET /v1/videos/:taskid/content allows any authenticated user to access video...
GHSA-W9F8-GXF9-RHVW Open WebUI's Insecure Direct Object Reference (IDOR) allows access to other users' memories
Summary Any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection Details Vulnerability 1: Missing authorization in collection querying In backend/openwebui/routers/retrieval.py, the querycollectionhandler function accepts a list of collectionnames but...