16 matches found
EUVD-2019-7931
Malware in sbrugna...
EUVD-2019-7930
Malware in sbrugna...
CVE-2019-17605
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account by also exploiting CVE-2019-17604 via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is chang...
CVE-2019-17604
An Insecure Direct Object Reference IDOR vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information first name, last name, email, CV, phone number, and all other personal information by changing the value of the candidate id the id...
Unspecified Vulnerability in eyecomms eyeCMS
eyecomms eyeCMS is a content management system CMS from eyecomms Oman. A security vulnerability exists in eyecomms eyeCMS 2019-10-15 and earlier versions. An attacker can exploit the vulnerability to take control of other user accounts...
eyecomms eyeCMS Insecure Direct Object Reference (IDOR) Vulnerability
eyecomms eyeCMS is a content management system CMS from eyecomms Oman. A security vulnerability exists in eyecomms eyeCMS 2019-10-15 and earlier versions. An attacker can exploit the vulnerability by modifying the 'id' parameter to modify personal information name, email, phone, resume and other...
CVE-2019-17604
An Insecure Direct Object Reference IDOR vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information first name, last name, email, CV, phone number, and all other personal information by changing the value of the candidate id the id...
CVE-2019-17605
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account by also exploiting CVE-2019-17604 via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is chang...
CVE-2019-17605
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account by also exploiting CVE-2019-17604 via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is chang...
CVE-2019-17604
An Insecure Direct Object Reference IDOR vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information first name, last name, email, CV, phone number, and all other personal information by changing the value of the candidate id the id...
Design/Logic Flaw
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account by also exploiting CVE-2019-17604 via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is chang...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information first name, last name, email, CV, phone number, and all other personal information by changing the value of the candidate id the id...
CVE-2019-17604
An Insecure Direct Object Reference IDOR vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information first name, last name, email, CV, phone number, and all other personal information by changing the value of the candidate id the id...
CVE-2019-17604
CVE-2019-17604 is an Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS up to 2019-10-15. An attacker can modify the id parameter to change other candidates’ personal information (e.g., first name, last name, email, CV, phone, etc.). The related Red Hat CVE-2019-17604 entry ...
CVE-2019-17605
CVE-2019-17605 affects eyecomms eyeCMS (≤2019-10-15). A mass-assignment flaw lets an attacker modify a candidate id and add a password parameter to take over another candidate’s account, resulting in the other user’s password being changed. This is reported alongside CVE-2019-17604, an Insecure D...
CVE-2019-17605
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account by also exploiting CVE-2019-17604 via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is chang...