Total
541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12742 | 1 Bludit | 1 Bludit | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object Reference (a modified username POST parameter). | |||||
| CVE-2019-7854 | 1 Magento | 1 Magento | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details. | |||||
| CVE-2018-18976 | 1 Ascensia | 1 Contour Diabetes | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before 2019-01-15. An attacker may retrieve encrypted medical information of any user of the Ascensia cloud platform by performing Direct Object References with a series of user ID values. (This information can be decrypted through a different vulnerability.) | |||||
| CVE-2019-8235 | 1 Magento | 1 Magento | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation of user controlled input. | |||||
| CVE-2019-7925 | 1 Magento | 1 Magento | 2020-08-24 | 5.5 MEDIUM | 4.9 MEDIUM |
| An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder. | |||||
| CVE-2019-13461 | 1 Prestashop | 1 Prestashop | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web application during checkout. An attacker could leak personal customer information. This is PrestaShop bug #14444. | |||||
| CVE-2020-11658 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | |||||
| CVE-2020-11659 | 1 Broadcom | 1 Ca Api Developer Portal | 2020-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | |||||
| CVE-2020-7918 | 1 Totemo | 1 Totemomail | 2020-03-31 | 5.5 MEDIUM | 5.4 MEDIUM |
| An insecure direct object reference in webmail in totemo totemomail 7.0.0 allows an authenticated remote user to read and modify mail folder names of other users via enumeration. | |||||
| CVE-2020-5539 | 1 Grandit | 1 Grandit | 2020-03-04 | 6.4 MEDIUM | 6.5 MEDIUM |
| GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors. | |||||
| CVE-2020-8503 | 1 Biscom | 1 Secure File Transfer | 2020-02-05 | 3.5 LOW | 6.5 MEDIUM |
| Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004. | |||||
| CVE-2019-15581 | 1 Gitlab | 1 Gitlab | 2020-01-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules. | |||||
| CVE-2020-6859 | 1 Ultimatemember | 1 Ultimate Member | 2020-01-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and ajax_resize_image. | |||||
| CVE-2019-20209 | 1 Cththemes | 3 Citybook, Easybook, Townhub | 2020-01-14 | 6.4 MEDIUM | 7.5 HIGH |
| The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing. | |||||
| CVE-2019-19259 | 1 Gitlab | 1 Gitlab | 2020-01-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR). | |||||
| CVE-2019-15913 | 1 Mi | 10 Dgnwg03lm, Dgnwg03lm Firmware, Mccgq01lm and 7 more | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages. | |||||
| CVE-2019-5469 | 1 Gitlab | 1 Gitlab | 2019-12-27 | 5.5 MEDIUM | 6.5 MEDIUM |
| An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets. | |||||
| CVE-2014-8356 | 1 Dasanzhone | 2 Znid 2426a, Znid 2426a Firmware | 2019-12-04 | 6.5 MEDIUM | 8.8 HIGH |
| The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference. | |||||
| CVE-2019-17574 | 1 Code-atlantic | 1 Popup Maker | 2019-10-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the do_action function to invoke certain popmake_ or pum_ methods, as demonstrated by controlling content and delivery of popmake-system-info.txt (aka the "support debug text file"). | |||||
| CVE-2017-3183 | 1 Sage | 1 Xrt Treasury | 2019-10-09 | 6.5 MEDIUM | 8.8 HIGH |
| Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determined by the USER_CODE field associated with the querying user. By modifying the USER_CODE value to match that of a privileged user, a low-privileged, authenticated user may gain privileged access to the SQL database. A remote, authenticated user can submit specially crafted SQL queries to gain privileged access to the application database. | |||||