Total: 505 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-44249 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2023-12-21 | N/A | 6.5 MEDIUM |
| An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests. | |||||
| CVE-2023-48641 | 1 Archerirm | 1 Archer | 2023-12-15 | N/A | 8.8 HIGH |
| Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass authorization checks, in order to gain execute access to AWF application resources. | |||||
| CVE-2023-46701 | 1 Mattermost | 1 Mattermost Server | 2023-12-14 | N/A | 5.3 MEDIUM |
| Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin, allowing an attacker to get limited information about a post if they know the post ID. | |||||
| CVE-2023-6341 | 1 Catalisgov | 1 Cms360 | 2023-12-08 | N/A | 5.3 MEDIUM |
| Catalis (previously Icon Software) CMS360 allows a remote, unauthenticated attacker to view sensitive court documents by modifying document and other identifiers in URLs. The impact varies based on the intention and configuration of a specific CMS360 installation. | |||||
| CVE-2023-6226 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2023-12-04 | N/A | 4.3 MEDIUM |
| The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys 'key' and 'post_id'. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin. | |||||
| CVE-2023-48304 | 1 Nextcloud | 1 Nextcloud Server | 2023-12-01 | N/A | 4.3 MEDIUM |
| Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, an attacker could enable and disable the birthday calendar for any user on the same server. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available. | |||||
| CVE-2023-33706 | 1 Sysaid | 1 Sysaid | 2023-11-30 | N/A | 6.5 MEDIUM |
| SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp. | |||||
| CVE-2023-38884 | 1 Os4ed | 1 Opensis | 2023-11-30 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>'. | |||||
| CVE-2023-47316 | 1 H-mdm | 1 Headwind Mdm | 2023-11-30 | N/A | 5.4 MEDIUM |
| Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control. The Web panel allows users to gain access to potentially sensitive API calls such as listing users and their data, file management API calls and audit-related API calls. | |||||
| CVE-2023-6144 | 1 Armanidrisi | 1 Dev Blog | 2023-11-29 | N/A | 4.8 MEDIUM |
| Dev blog v1.0 allows an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username. | |||||
| CVE-2023-43900 | 1 Emsigner | 1 Emsigner | 2023-11-17 | N/A | 6.5 MEDIUM |
| Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters. | |||||
| CVE-2023-45380 | 1 Silbersaiten | 1 Order Duplicator | 2023-11-15 | N/A | 8.8 HIGH |
| In the module "Order Duplicator - Clone and Delete Existing Order" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from ps_customer/ps_address tables such as name / surname / phone number / full postal address. | |||||
| CVE-2023-5544 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2023-11-15 | N/A | 5.4 MEDIUM |
| Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | |||||
| CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2023-11-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | |||||
| CVE-2023-41356 | 1 Wisdomgarden | 1 Tronclass Ilearn | 2023-11-14 | N/A | 6.5 MEDIUM |
| NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files. | |||||
| CVE-2023-43668 | 1 Apache | 1 Inlong | 2023-11-14 | N/A | 9.8 CRITICAL |
| Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.8.0: some sensitive parameter checks can be bypassed, such as "autoDeserizalize" and "allowLoadLocalInfile". Users are advised to upgrade to Apache InLong 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8604 | |||||
| CVE-2023-38965 | 1 Oretnom23 | 1 Lost And Found Information System | 2023-11-13 | N/A | 9.8 CRITICAL |
| Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI. | |||||
| CVE-2023-4836 | 1 Userprivatefiles | 1 Wordpress File Sharing Plugin | 2023-11-08 | N/A | 4.3 MEDIUM |
| The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those files by manipulating IDs, which can easily be brute-forced. | |||||
| CVE-2023-4213 | 1 Mikevanwinkle | 1 Simplr Registration Form Plus+ | 2023-11-07 | N/A | 8.8 HIGH |
| The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts. | |||||
| CVE-2023-45396 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2023-11-07 | N/A | 6.5 MEDIUM |
| An Insecure Direct Object Reference (IDOR) vulnerability allows access to event profiles in the Elenos ETG150 FM transmitter running version 3.12. | |||||
