4470 matches found
CVE-2025-50340
CVE-2025-50340 affects SOGo Webmail up to version 5.6.0 (authenticated IDOR). The vulnerability lets an authenticated user send emails on behalf of other users by manipulating a sender identity in the email-sending request, due to insufficient verification of authorization to use the specified se...
CVE-2025-50849
CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...
CS Cart 安全漏洞
CS Cart is an e-commerce system from CS Cart Inc. in the United States. A security vulnerability exists in CS Cart version 4.18.3, which stems from an insecure direct object reference that could lead to unauthorized manipulation of other user accounts...
CVE-2025-50849
CS Cart 4.18.3 is affected by CVE-2025-50849: an Insecure Direct Object Reference (IDOR) in the user profile function via the company_id parameter allows an authenticated user to alter another user’s sticker setting due to insufficient server-side validation. Root cause: improper validation of ob...
CVE-2025-50849
CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...
CVE-2025-50849
CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...
PT-2025-31549 · Cs Cart · Cs-Cart
Name of the Vulnerable Software and Affected Versions: CS Cart version 4.18.3 Description: CS Cart is susceptible to an Insecure Direct Object Reference IDOR issue. The user profile functionality does not properly validate server-side operations when enabling or disabling stickers. An authenticat...
Insecure Direct Object Reference (IDOR)
in2code/powermail is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to insufficient access control on file download functionality, which allows an attacker to download arbitrary files from the webserver...
Insecure Direct Object Reference (IDOR)
in2code/femanager is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to insufficient access control due to direct access to user data objects without proper authorization checks, allowing unauthorized modification of user data...
CVE-2025-6585
The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the csremoveprofilecallback function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-51862
Insecure Direct Object Reference IDOR vulnerability in TelegAI telegai.com thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper other users' conversation. Additionally, malicious contents and XSS payloads can be injected, leading to phishing attack, user spoofing and...
CVE-2025-51865
Ai2 playground web service playground.allenai.org LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference IDOR, allowing attackers to gain sensitvie information via enumerating thread keys in the URL...
CVE-2025-51867
Insecure Direct Object Reference IDOR vulnerability in Deepfiction AI deepfiction.ai thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint...
CVE-2025-51869
Insecure Direct Object Reference IDOR vulnerability in Liner thru 2025-06-03 allows attackers to gain sensitive information via crafted spaceid, threadid, and messageid parameters to the v1/space/spaceid/thread/threadid/message/messageid endpoint...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51865
Ai2 playground web service playground.allenai.org LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference IDOR, allowing attackers to gain sensitvie information via enumerating thread keys in the URL...
CVE-2025-51862
Insecure Direct Object Reference IDOR vulnerability in TelegAI telegai.com thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper other users' conversation. Additionally, malicious contents and XSS payloads can be injected, leading to phishing attack, user spoofing and...
CVE-2025-51867
Insecure Direct Object Reference IDOR vulnerability in Deepfiction AI deepfiction.ai thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint...
GHSA-RC5F-3HFV-JXP2 Femanager extension for TYPO3 allows Insecure Direct Object Reference
The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0...
GHSA-X769-3CWV-F8HC Powermail extension for TYPO3 allows Insecure Direct Object Reference
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...