2 matches found
CVE-2025-2271
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
PT-2024-24211 · Unknown · Nexsys-One
Name of the Vulnerable Software and Affected Versions: NEXSYS-ONE versions prior to v.Rev.15320 Description: The issue allows a remote attacker to obtain sensitive information via a crafted request. This is a result of a Directory Traversal vulnerability. Recommendations: For versions prior to...