6 matches found
PT-2023-21036 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns missing authentication in the GetActiveToiletPasses method, allowing unauthenticated attackers to retrieve student information. Recommendations: For versions 3.1.0...
PT-2023-21084 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue is related to missing authentication in the StudentPopupDetails EmergencyContactDetails method, allowing unauthenticated attackers to extract sensitive student data...
PT-2023-20737 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns missing authentication in the SetStudentNotes method, allowing unauthenticated attackers to modify student data. Recommendations: For IDWeb application versions...
PT-2023-20742 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue is related to missing authentication in the SearchStudentsRFID method, allowing unauthenticated attackers to extract sensitive student data. Recommendations: For versions...
PT-2023-20743 · Idattend · Idweb
Name of the Vulnerable Software and Affected Versions: IDAttend's IDWeb application versions 3.1.052 and earlier Description: The issue allows attackers to hijack the browsing session of the logged-in user through stored cross-site scripting in the IDWeb application. Recommendations: For versions...
PT-2023-21040 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns missing authentication in the DeleteAssignments method, allowing unauthenticated attackers to delete data. Recommendations: For versions 3.1.052 and earlier,...