Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.8 views

CVE-2022-30760

An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...

4.3CVSS6.2AI score0.00904EPSS
Exploits1References1
NVD
NVD
added 2022/06/09 4:15 p.m.21 views

CVE-2022-30760

An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...

4.3CVSS0.00904EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/09 4:15 p.m.4 views

CVE-2022-30760

An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...

4.3CVSS5.9AI score0.00904EPSS
Exploits1References3
CVE
CVE
added 2022/06/09 3:14 p.m.60 views

CVE-2022-30760

Vulnerability context: CVE-2022-30760 affects the ihb eG FlexNow product (fn2Web) prior to version 2.04.09.016. The issue is an insecure direct object reference (IDOR) that allows remote authenticated users to access sensitive student data by altering the student ID parameter in a POST to the Fro...

4.3CVSS4.2AI score0.00904EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder