242 matches found
CVE-2023-27260 Unauthenticated SQL Injection In IDAttend’s IDWeb Application
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
CVE-2023-27260
CVE-2023-27260 affects IDAttend’s IDWeb application (versions up to 3.1.052). The connected documents describe an unauthenticated SQL injection in the GetAssignmentsDue method, allowing extraction or modification of all data. The vulnerability is network-accessible with no privileges and no user ...
CVE-2023-27260 Unauthenticated SQL Injection In IDAttend’s IDWeb Application
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
CVE-2023-27261 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...
CVE-2023-27261
CVE-2023-27261 affects IDAttend’s IDWeb application, version 3.1.052 and earlier. The root cause is missing authentication in the DeleteAssignments method, enabling unauthenticated actors to delete data. Reported impact states data deletion possible without credentials; CVSS bases show Medium sev...
CVE-2023-27261 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...
CVE-2023-27377
CVE-2023-27377 affects IDAttend’s IDWeb app (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_EmergencyContactDetails method, enabling unauthenticated attackers to exfiltrate sensitive student data over the network. The cvss 3.1 data indicates hig...
CVE-2023-27377 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsEmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27377 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsEmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27376 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsStudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27376 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsStudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27376
CVE-2023-27376 affects IDAttend IDWeb (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_StudentDetails method, enabling unauthenticated attackers to extract sensitive student data. Documents indicate the vulnerability exists in IDWeb v3.1.052 and ...
CVE-2023-27375
The vulnerability CVE-2023-27375 affects the IDAttend IDWeb application (versions 3.1.052 and earlier). The root cause is missing authentication in the StudentPopupDetails_ContactDetails method, enabling unauthenticated attackers to extract sensitive student data. Impact is described as high conf...
CVE-2023-27375 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27375 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the StudentPopupDetailsContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers...
CVE-2023-27259 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...
CVE-2023-27259
IDAttend IDWeb application, versions 3.1.052 and earlier, has a vulnerability in the GetAssignmentsDue method where missing authentication allows unauthenticated extraction of sensitive student and teacher data. Root cause: incomplete access control enabling data exposure. Impact: confidential da...
CVE-2023-27259 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...
CVE-2023-27258 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers...
CVE-2023-27258 Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers...