93 matches found
CVE-2025-34436 AVideo < 20.1 IDOR Arbitrary File Upload
AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. The upload functionality verifies authentication but does not enforce ownership checks...
CVE-2025-66558
The issue affects Nextcloud Twofactor WebAuthn (WebAuthn Two-Factor Provider). Before versions 1.4.2 and 2.4.1, a missing ownership check allowed an attacker to remove a victim’s WebAuthn 2FA device by correctly guessing an 80–128 character random string. After a successful guess, the victim was ...
CVE-2025-66551 Nextcloud Tables is missing an ownership check which allows moving columns into tables of other users
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3...
CVE-2025-66551 Nextcloud Tables is missing an ownership check which allows moving columns into tables of other users
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3...
Missing ownership check in Tables app allows moving columns into tables of other users
None...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.6.33, which stems from the API /api/tasks/stop/ direct access and cancel tasks without verifying user ownership, which could lead an...
CVE-2025-65033
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...
CVE-2025-65029 Rallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll Participants
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference IDOR vulnerability allows any authenticated user to delete arbitrary participants from polls without ownership verification. The endpoint relies solely on a participant ID to...
PT-2025-42792
Name of the Vulnerable Software and Affected Versions FileRise versions prior to 1.4.0 Description FileRise is a self-hosted web-based file manager. A flaw in file/folder handling allows low-privilege users to perform unauthorized operations view, delete, modify on files created by other users...
CVE-2025-55737 flaskBlog arbitrary comment delete
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code...
PT-2025-33855 · Flaskblog · Flaskblog
Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.0 Description: flaskBlog is a blog application built with Flask. A flaw exists where there is no validation of comment ownership during deletion. This allows any user to delete comments belonging to other users...
CVE-2025-4962 IDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunary
An Insecure Direct Object Reference IDOR vulnerability was identified in the POST /v1/templates endpoint of the Lunary API, affecting versions up to 0.8.8. This vulnerability allows authenticated users to create templates in another user's project by altering the projectId query parameter. The ro...
kernel: GFS2: The setflags ioctl() doesn't check file ownership
The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...