PT-2025-26591 · Innoshop · Innoshop

Name of the Vulnerable Software and Affected Versions: Innoshop versions 0.4.1 and earlier Description: The issue allows for Insecure Direct Object Reference IDOR at multiple places within the frontend shop. This can be exploited by creating a customer account, allowing an attacker to disclose th...

CVE-2024-12113 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review Deletion

The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteuserreview and deletereview functions in all versions up to, and including, 1.3.2. This...

Apple iOS 7 iPad2 Face Time 1.0.2 - Privacy Vulnerability

Document Title: =============== Apple iOS 7 iPad2 Face Time 1.0.2 - Privacy Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1087 Video: http://www.youtube.com/watch?v=7acWAEZpbgs Release Date: ============= 2013-09-24 Vulnerability Laborato...