13 matches found
EUVD-2025-34078
Liferay Account Admin Web vulnerable to Authorization Bypass Through User-Controlled Key...
CVE-2025-62242
Insecure Direct Object Reference IDOR vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated users to from one account to view addresses fr...
CVE-2025-62242
Insecure Direct Object Reference IDOR vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated users to from one account to view addresses fr...
CVE-2025-62242
Insecure Direct Object Reference IDOR vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated users to from one account to view addresses fr...
CVE-2025-62242
CVE-2025-62242 describes an IDOR in Liferay, affecting Liferay Portal 7.4.3.4–7.4.3.111 and Liferay DXP 2023.Q3.1–Q4.5, plus 7.4 GA up to update 92. The vulnerability allows remote authenticated users to view addresses from another account by supplying AccountEntriesAdminPortlet_addressId in the ...
PT-2025-41803
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.4 through 7.4.3.111 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Liferay DXP versions 2023.Q3.1 through 2023.Q3.8 Liferay Portal versions 7.4 GA through update 92 Description An Insecure Direct Object Referenc...
EUVD-2020-12965
Malware in sbrugna...
CVE-2023-6741
The WP Customer Area WordPress plugin before 8.2.1 does not properly validate users capabilities in some of its AJAX actions, allowing malicious users to edit other users' account address...
CVE-2023-6741
The WP Customer Area WordPress plugin before 8.2.1 does not properly validate users capabilities in some of its AJAX actions, allowing malicious users to edit other users' account address...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
Denial of service
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...