14 matches found
EUVD-2024-44151
Malicious code in bioql PyPI...
EUVD-2024-44150
Malicious code in bioql PyPI...
Janto Ticketing 数据伪造问题漏洞
Janto Ticketing is a ticketing software from Janto. A data forgery issue vulnerability exists in versions of Janto Ticketing prior to r12, which stems from insufficient data authenticity validation and allows an unauthorized user to change a password to reset the content of an email...
Janto Ticketing 安全漏洞
Janto Ticketing is a ticketing software from Janto. A security vulnerability exists in versions of Janto Ticketing prior to r12, which stems from the presence of an unauthenticated password change feature that allows an unauthorized user to change another person's password...
CVE-2024-4538
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain a user's event ticket by creating a specific request with the ticket reference ID, leading to the exposure of sensitive user data...
CVE-2024-4537
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain the download URL of another user to obtain the purchased ticket...
CVE-2024-4538 IDOR vulnerability in Janto Ticketing Software
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain a user's event ticket by creating a specific request with the ticket reference ID, leading to the exposure of sensitive user data...
CVE-2024-4538 IDOR vulnerability in Janto Ticketing Software
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain a user's event ticket by creating a specific request with the ticket reference ID, leading to the exposure of sensitive user data...
CVE-2024-4538
CVE-2024-4538 is an IDOR vulnerability in Janto Ticketing Software, affecting version 4.3r10. The issue allows a remote attacker to obtain a user’s event ticket by crafting a request using the ticket reference ID, resulting in exposure of sensitive user data. The provided metrics indicate a CVSS ...
CVE-2024-4537 IDOR vulnerability in Janto Ticketing Software
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain the download URL of another user to obtain the purchased ticket...
CVE-2024-4537
CVE-2024-4537 describes an IDOR vulnerability in Janto Ticketing Software version 4.3r10. The issue could allow a remote attacker to obtain another user’s download URL to access purchased tickets, indicating a potential confidentiality impact. Server-side access control appears insufficient to pr...
CVE-2024-4537 IDOR vulnerability in Janto Ticketing Software
IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain the download URL of another user to obtain the purchased ticket...
Janto Ticketing 安全漏洞
Janto Ticketing is a ticketing software from Janto. A security vulnerability exists in Janto Ticketing version 4.3r10, which originates from a vulnerability that allows a remote user to obtain other users' download URLs to obtain purchased tickets...
Janto Ticketing 安全漏洞
Janto Ticketing is a ticketing software from Janto. A security vulnerability exists in Janto Ticketing version 4.3r10, which originated from a vulnerability that allows a remote user to obtain a user's event ticket by creating a specific request using the ticket's reference ID, resulting in the...