113 matches found
CVE-2025-13479
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
EUVD-2025-209908
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479 IDOR in PosCube's QR Menu
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
PosCube QR Menu 安全漏洞
PosCube QR Menu is a QR code electronic menu and ordering management system for the catering industry developed by the Turkish company PosCube. The versions of PosCube QR Menu dated back to May 21052026 and earlier contained a security vulnerability. This vulnerability stemmed from an authorizati...
PT-2026-42463
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-15025
CVE-2025-15025 : In the Library Automation System, versions prior to 22.1 (from 21.6) are affected by an authorization bypass via a User-Controlled key, leading to exploitation of trusted identifiers. The issue is described as an IDOR-style authorization bypass with high impact (confidentiality, ...
EUVD-2025-209843
Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploitation of Trusted Identifiers. This issue affects Library Automation System: from v.21.6 befor...
PT-2026-40915
Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploitation of Trusted Identifiers. This issue affects Library Automation System: from v.21.6 befor...
EUVD-2026-29442
Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...
CVE-2026-6001
Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...
CVE-2026-6001
CVE-2026-6001 affects BAPSİS (ABIS Technology Ltd. Co.) before v202604152042. It is described as an Authorization bypass via a User-Controlled key that enables exploitation of trusted identifiers. The connected sources confirm the issue but do not provide concrete exploit steps or remediation det...
CVE-2026-6001
Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...
PT-2026-40000
Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...
ABIS BAPSİS 安全漏洞
ABIS BAPSİS is a research information system developed by the Turkish company ABIS, aimed at university research projects, academic budgets, and administrative processes management. Previous versions of ABIS BAPSİS, such as v.202604152042, contained security vulnerabilities. These vulnerabilities...
CVE-2026-1619
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...
CVE-2026-1619
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...
CVE-2026-1619
CVE-2026-1619 is an authorization bypass in Universal Software Inc.'s FlexCity/Kiosk (versions 1.0 up to 1.0.35). The vulnerability stems from a user-controlled key that enables exploitation of trusted identifiers, with CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L (base score 8.3). Affected prod...
PT-2026-7990
Name of the Vulnerable Software and Affected Versions Universal Software Inc. FlexCity/Kiosk versions prior to 1.0.36 Description An authorization bypass exists in FlexCity/Kiosk due to exploitation of trusted identifiers through a user-controlled key. This allows unauthorized access...
Universal FlexCity/Kiosk 安全漏洞
Universal FlexCity/Kiosk is a smart city self-service terminal system developed by the Turkish company Universal. Versions of Universal FlexCity/Kiosk from 1.0 to 1.0.36 contained security vulnerabilities. These vulnerabilities stemmed from bypassing authorization using user control keys,...