Design/Logic Flaw

Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference IDOR attack...

Cross site request forgery (csrf)

Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to bypass Keitai authentication via a modified user ID in a request...

Design/Logic Flaw

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to 1 Cloud Controller or 2 Walrus with the internal message format and a modified user id...

DEBIAN-CVE-2006-6016

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified userid parameter...

PT-2006-6663 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 2.0.5 Description: The issue allows remote authenticated users to read the metadata of an arbitrary user via a modified user id parameter in the 'wp-admin/user-edit.php' page. Recommendations: For versions prior to...