561 matches found
PT-2026-34333
An insecure direct object reference IDOR vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging to other registered users through various vulnerable authenticated resources in the application. The vulnerable endpoints result from:...
CVE-2026-41056
WWBN AVideo is an open source video platform. In versions 29.0 and below, the allowOrigin$allowAll=true function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both...
CVE-2026-41057
WWBN AVideo is an open source video platform. In versions 29.0 and below, the CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8...
CVE-2026-41057
WWBN AVideo is an open source video platform. In versions 29.0 and below, the CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8...
CVE-2026-41057
CVE-2026-41057 affects WWBN AVideo (versions 29.0 and below). The issue arises from two incomplete CORS mitigations: (1) in plugin/API/router.php (lines 4–8) the server unconditionally reflects arbitrary Origin before application code runs, and (2) get.json.php and set.json.php call allowOrigin(t...
CVE-2026-40907
Summary: WWBN AVideo 29.0 and earlier contains an Insecure Direct Object Reference (IDOR) in the endpoint plugin/Live/view/Live_restreams/list.json.php. This allows any authenticated user with streaming permission to view other users’ live restream configurations, exposing third‑party platform st...
WWBN AVideo 访问控制错误漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained an access control vulnerability. This vulnerability stemmed from incomplete CORS origin validation repairs, as two code paths still reflected arbitrary Origin...
CVE-2026-33708
Chamilo LMS is a learning management system. Prior to 1.11.38, the getuserinfofromusername REST API endpoint returns personal information email, first name, last name, user ID, active status of any user to any authenticated user, including students. There is no authorization check. This...
CVE-2026-33736 Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user including ROLESTUDENT can enumerate all platform users and access personal information email, phone, roles via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3...
CVE-2026-33736 Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user including ROLESTUDENT can enumerate all platform users and access personal information email, phone, roles via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3...
EUVD-2026-21563
Chamilo LMS is a learning management system. Prior to 1.11.38, the getuserinfofromusername REST API endpoint returns personal information email, first name, last name, user ID, active status of any user to any authenticated user, including students. There is no authorization check. This...
PT-2026-32023
Chamilo LMS is a learning management system. Prior to 1.11.38, the get user info from username REST API endpoint returns personal information email, first name, last name, user ID, active status of any user to any authenticated user, including students. There is no authorization check. This...
CVE-2026-39937 Global vanishing does not completely remove user email
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1....
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28766
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
GHSA-77JP-MGCW-RFMR AVideo vulnerable to Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
Severity: High CWE: CWE-862 Missing Authorization Summary The plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balances to any authenticated user. The endpoint checks User::isLogged but does not check User::isAdmin, so any...
AVideo vulnerable to Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
Severity: High CWE: CWE-862 Missing Authorization Summary The plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balances to any authenticated user. The endpoint checks User::isLogged but does not check User::isAdmin, so any...
WWBN AVideo 安全漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained security vulnerabilities. These vulnerabilities stemmed from a lack of administrator permission checks at the plugin/YPTWallet/view/users.json.php endpoint, which...
PT-2026-29353
Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/YPTWallet/view/users.json.php endpoint in AVideo allows any authenticated user to access personal information and wallet balances of all platform users. The endpoint incorrectly checks...
CVE-2026-33638
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...