6 matches found
CVE-2025-48477
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly...
Design/Logic Flaw
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...
Attacker is able to bypass 2FA verification during 2FA disable due to application logic flaw
Description An attacker is able to bypass 2FA verification during 2FA disable function of user and restrict user from accessing his account due to a application logic flaw Proof of Concept First of all let us consider a scenario where a user has left his account open on a public device library or...
i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw
i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page: https://www.i3international.com Affected version: V5.2.0 build 150317 Ax46 V5.0.9 build 151106 Ax68 V5.0.9 build 150615 Ax78 Summary: The Annexxus camera 6MP provides 4 simultaneous...
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw
Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Date: 27.10.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...
Pornhub: Private videos can be added to our playlists
The researcher discovered a way to add a user's private videos to a different user's playlist by way of a specially crafted request. Note that it is not possible to view another user's private video using this method IDOR/application logic flaw...