27 matches found
Externally Controlled Reference to a Resource in Another Sphere
Overview Affected versions of this package are vulnerable to Externally Controlled Reference to a Resource in Another Sphere via the Build resource creation. An attacker can gain unauthorized control over pod generation in arbitrary Kubernetes namespaces, including the operator namespace, by...
EUVD-2026-28452
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
PT-2026-38581
Name of the Vulnerable Software and Affected Versions Microsoft Partner Center affected versions not specified Description An externally controlled reference to a resource in another sphere allows an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is...
EUVD-2018-4445
Malware in sbrugna...
EUVD-2025-29618
Malicious code in bioql PyPI...
CVE-2025-8057
CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...
CVE-2025-8057 IDOR in Patika Global Technologies' HumanSuite
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...
CVE-2025-8057
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...
CVE-2025-2875
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...
Exploit for External Control of File Name or Path in Moodle
CVE-2023-30943Moodle self-xss Отказ от ответственности...
Exploit for CVE-2022-30190
AmzWord an automated attack chain based on CVE-2022-30190, 16...
QNAP Photo Station Vulnerability (QSA-22-24)
QNAP Photo Station is prone to an externally controlled reference to a resource vulnerability which is e.g. used by the DeadBolt ransomware campaign. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
QNAP Photo Station Externally Controlled Reference Vulnerability
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign...
Exploit for CVE-2022-30190
CVE-2022-30190EXPPowerPoint This is exploit of CVE-2022-301...
Exploit for CVE-2022-30190
Follina-CVE-2022-30190 Proof of Concept by Nee Usage ba...
Exploit for CVE-2022-30190
Follina-CVE-2022-30190 Proof of Concept by Nee Usage ba...
Exploit for CVE-2022-30190
CVE-2022-30190 CVE-2022-30190 CVE-2022-30190 Follina POC Hos...
Exploit for CVE-2022-30190
CVE-2022-30190-follina Just another PoC for the new MSDT-Explo...
Exploit for CVE-2022-30190
CVE-2022-30190 Usag...