3 matches found
CVE-2024-50619
Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account...
CVE-2025-61118
mCarFix Motorists App version 2.3 package name com.skytop.mcarfix, developed by Paniel Mwaura, contains improper access control vulnerabilities. Attackers may bypass verification to arbitrarily register accounts, and by tampering with sequential numeric IDs, gain unauthorized access to user data...
The Scratch Channel 输入验证错误漏洞
The Scratch Channel is a project site of The Scratch Channel open source. An input validation error vulnerability exists in version 1 of The Scratch Channel, which stems from the fact that local storage can be edited, potentially leading to account information tampering...