CVE-2018-16608

In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&userid=1, Insecure Direct Object Reference IDOR...

CVE-2018-16608

In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&userid=1, Insecure Direct Object Reference IDOR...

CVE-2018-16704

An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers logged in users to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org...

CVE-2018-16704

An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers logged in users to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org...

Design/Logic Flaw

An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers logged in users to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org...

CVE-2018-16704

An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers logged in users to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org...

CVE-2018-16704

CVE-2018-16704 affects Gleez CMS v1.2.0. The issue is an Insecure Direct Object Reference that allows authenticated users to view the profile page of other users, demonstrated by accessing /user/3 on demo.gleezcms.org. This is a user-authorization bypass that could expose profile details to other...

CVE-2018-16606

In ProConf before 6.1, an Insecure Direct Object Reference IDOR allows any author to view and grab all submitted papers Title and Abstract and their authors' personal information Name, Email, Organization, and Position by changing the value of Paper ID the pid parameter...

CVE-2018-16606

In ProConf before 6.1, an Insecure Direct Object Reference IDOR allows any author to view and grab all submitted papers Title and Abstract and their authors' personal information Name, Email, Organization, and Position by changing the value of Paper ID the pid parameter...

CVE-2018-16606

In ProConf before 6.1, an Insecure Direct Object Reference IDOR allows any author to view and grab all submitted papers Title and Abstract and their authors' personal information Name, Email, Organization, and Position by changing the value of Paper ID the pid parameter...

CVE-2018-16606

CVE-2018-16606 is an IDOR flaw in ProConf prior to 6.1 that lets any author view all submitted papers (titles/abstracts) and associated authors’ personal information (name, email, organization, position) by altering the Paper ID (pid parameter). Exploitation details in the sources show a PoC wher...

Design/Logic Flaw

In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference IDOR via the Poll ID, leading to the ability of a single user to select multiple Poll Options e.g., vote for multiple items...

CVE-2018-15833

In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference IDOR via the Poll ID, leading to the ability of a single user to select multiple Poll Options e.g., vote for multiple items...

CVE-2018-15833

In Vanilla Forums, versions before 2.6.1 are affected by an IDOR issue in the polling feature. The vulnerability arises because the Poll ID can be manipulated, allowing a single user to select multiple poll options (voting for multiple items). The impact is the unintended multiple-option voting w...

OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

Title: Multiple vulnerabilities in OSCAR EMR Product: OSCAR EMR Vendor: Oscar McMaster Tested version: 15.21beta361 Remediation status: Unknown Reported by: Brian D. Hysell ----- Product Description: "OSCAR is open-source Electronic Medical Record EMR software that was first developed at McMaster...

Yelp: I.D.O.R To Order,Book,Buy,reserve On YELP FOR FREE (UNAUTHORIZED USE OF OTHER USER'S CREDIT CARD)

@hk755a found an Insecure Direct Object Reference IDOR Vulnerability that allowed an attacker to pay with someone else's registered credit card, while ordering food with Grubhub through the /checkout/transactionplatform endpoint. No credit card information was disclosed as a result of this...

U.S. Dept Of Defense: ████ █████ exposes highly sensitive information to public

Summary: www.██████ is a system used by ██████ for vendors to upload details of their technology for review by ███. Due to an insecure direct object reference vulnerability, all vendor uploads are accessible to the public, without authentication. This includes Unclass//FOUO documents, documents...

Design/Logic Flaw

YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize will deserialize user-controlled types in the line "currentType = Type.GetTypenodeEvent.Tag.Substring1, throwOnError: false;" and blindly instantiates...

CVE-2018-1000210

YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize will deserialize user-controlled types in the line "currentType = Type.GetTypenodeEvent.Tag.Substring1, throwOnError: false;" and blindly instantiates...

CVE-2018-1000210

YamlDotNet versions 4.3.2 and earlier contain an Insecure Direct Object Reference vulnerability in Deserializer.Deserialize(), which can blindly instantiate user-controlled types via currentType = Type.GetType(...). This can enable code execution in the running process when parsing specially craf...