CVE-2018-25129
CVE-2018-25129 affects the SOCA Access Control System (version 180612). The issue is insecure direct object references that allow access to sensitive credentials via unprotected endpoints Get_Permissions_From_DB.php and Ac10_ReadSortCard, enabling retrieval of password hashes and pins. Affected c...