Total
541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6226 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2023-12-04 | N/A | 4.3 MEDIUM |
| The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys 'key' and 'post_id'. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin. | |||||
| CVE-2023-48304 | 1 Nextcloud | 1 Nextcloud Server | 2023-12-01 | N/A | 4.3 MEDIUM |
| Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, an attacker could enable and disable the birthday calendar for any user on the same server. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available. | |||||
| CVE-2023-33706 | 1 Sysaid | 1 Sysaid | 2023-11-30 | N/A | 6.5 MEDIUM |
| SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp. | |||||
| CVE-2023-38884 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>' | |||||
| CVE-2023-47316 | 1 H-mdm | 1 Headwind Mdm | 2023-11-30 | N/A | 5.4 MEDIUM |
| Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control. The Web panel allows users to gain access to potentially sensitive API calls such as listing users and their data, file management API calls and audit-related API calls. | |||||
| CVE-2023-6144 | 1 Armanidrisi | 1 Dev Blog | 2023-11-29 | N/A | 4.8 MEDIUM |
| Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username. | |||||
| CVE-2023-43900 | 1 Emsigner | 1 Emsigner | 2023-11-17 | N/A | 6.5 MEDIUM |
| Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters. | |||||
| CVE-2023-45380 | 1 Silbersaiten | 1 Order Duplicator | 2023-11-15 | N/A | 8.8 HIGH |
| In the module "Order Duplicator " Clone and Delete Existing Order" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from ps_customer/ps_address tables such as name / surname / phone number / full postal address. | |||||
| CVE-2023-5544 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2023-11-15 | N/A | 5.4 MEDIUM |
| Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | |||||
| CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2023-11-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | |||||
| CVE-2023-41356 | 1 Wisdomgarden | 1 Tronclass Ilearn | 2023-11-14 | N/A | 6.5 MEDIUM |
| NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files. | |||||
| CVE-2023-43668 | 1 Apache | 1 Inlong | 2023-11-14 | N/A | 9.8 CRITICAL |
| Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile".... . Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8604 | |||||
| CVE-2023-38965 | 1 Oretnom23 | 1 Lost And Found Information System | 2023-11-13 | N/A | 9.8 CRITICAL |
| Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI. | |||||
| CVE-2023-4836 | 1 Userprivatefiles | 1 Wordpress File Sharing Plugin | 2023-11-08 | N/A | 4.3 MEDIUM |
| The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced | |||||
| CVE-2023-4213 | 1 Mikevanwinkle | 1 Simplr Registration Form Plus\+ | 2023-11-07 | N/A | 8.8 HIGH |
| The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts. | |||||
| CVE-2023-45396 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2023-11-07 | N/A | 6.5 MEDIUM |
| An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12. | |||||
| CVE-2023-3219 | 1 Myeventon | 1 Eventon | 2023-11-07 | N/A | 5.3 MEDIUM |
| The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download ajax action is a valid Event, allowing unauthenticated visitors to access any Post (including unpublished or protected posts) content via the ics export functionality by providing the numeric id of the post. | |||||
| CVE-2023-37543 | 1 Cacti | 1 Cacti | 2023-11-07 | N/A | 7.5 HIGH |
| Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. | |||||
| CVE-2023-30960 | 1 Palantir | 1 Foundry Job-tracker | 2023-11-07 | N/A | 4.3 MEDIUM |
| A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required. | |||||
| CVE-2023-30956 | 1 Palantir | 1 Foundry Comments | 2023-11-07 | N/A | 5.3 MEDIUM |
| A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0. | |||||