5 matches found
EUVD-2019-9230
Malware in sbrugna...
CVE-2019-19616
An Insecure Direct Object Reference IDOR vulnerability in the Xtivia Web Time and Expense WebTE interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment...
CVE-2019-19616
An Insecure Direct Object Reference IDOR vulnerability in the Xtivia Web Time and Expense WebTE interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment...
CVE-2019-19616
CVE-2019-19616 concerns an insecure direct object reference in the Xtivia Web Time and Expense (WebTE) interface for Microsoft Dynamics NAV prior to 2017. The vulnerability occurs in the /Home/GetAttachment function, where an attacker can download arbitrary files by supplying arbitrary values for...
CVE-2019-19616
An Insecure Direct Object Reference IDOR vulnerability in the Xtivia Web Time and Expense WebTE interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment...