Vulnerabilities (CVE)

Filtered by CWE-639
Total 543 CVE
CVE | Vendors (count, names) | Products (count, names) | Updated | CVSS v2 | CVSS v3
CVE-2023-0865 1 Woocommerce Multiple Customer Addresses & Shipping Project 1 Woocommerce Multiple Customer Addresses & Shipping 2024-02-04 N/A 8.8 HIGH
The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belongs to the user making the request, or that the request comes from a high-privilege user, allowing any authenticated user, such as a subscriber, to add/update/duplicate/delete as well as retrieve addresses of other users.
CVE-2023-30550 1 Metersphere 1 Metersphere 2024-02-04 N/A 4.5 MEDIUM
MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some operating permissions. The issue has been fixed in version 2.9.0.
CVE-2023-23679 1 Jshelpdesk 1 Jshelpdesk 2024-02-04 N/A 8.8 HIGH
Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects JS Help Desk: from n/a through 2.7.7.
CVE-2023-24625 1 Ladybirdweb 1 Faveo Servicedesk 2024-02-04 N/A 6.5 MEDIUM
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
CVE-2023-2751 1 Upload Resume Project 1 Upload Resume 2024-02-04 N/A 5.3 MEDIUM
The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when uploading a resume via the resume_upload_form shortcode, allowing unauthenticated visitors to upload arbitrary media files to the site.
CVE-2023-0967 1 Imaworldhealth 1 Bhima 2024-02-04 N/A 6.5 MEDIUM
Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive data of other application users and data that should only be viewed by the administrator. This is possible because the application is vulnerable to IDOR: it does not properly validate user permissions with respect to certain actions the user can perform.
CVE-2022-36247 1 Shopbeat 1 Shop Beat Media Player 2024-02-04 N/A 9.1 CRITICAL
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za.
CVE-2023-3063 1 Smartypantsplugins 1 Sp Project & Document Manager 2024-02-04 N/A 8.8 HIGH
The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber privileges or above to change user passwords and potentially take over administrator accounts.
CVE-2023-2844 1 Fit2cloud 1 Cloudexplorer Lite 2024-02-04 N/A 4.9 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.
CVE-2023-24842 1 Hgiga 1 Oaklouds Mailsherlock 2024-02-04 N/A 5.3 MEDIUM
HGiga MailSherlock has an insufficient access control vulnerability. An unauthenticated remote user can exploit this vulnerability to access partial content of another user's mail by changing the user ID and mail ID within the URL.
CVE-2023-1889 1 Wpwax 1 Directorist 2024-02-04 N/A 6.5 MEDIUM
The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks within the listing_task function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts.
CVE-2018-17455 1 Gitlab 1 Gitlab 2024-02-04 N/A 7.5 HIGH
An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an insecure direct object reference to the "merge request approvals" feature.
CVE-2022-45175 1 Liveboxcloud 1 Vdesk 2024-02-04 N/A 6.5 MEDIUM
An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a target file.
CVE-2023-2065 1 Armoli 1 Cargo Tracking System 2024-02-04 N/A 8.8 HIGH
Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28.
CVE-2023-33956 1 Kanboard 1 Kanboard 2024-02-04 N/A 6.5 MEDIUM
Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure Direct Object Reference (IDOR) vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any other user, regardless of their privileges or restrictions. By changing the file_id, any user can render all files with an image MIME type uploaded under the **/files** directory, regardless of which user uploaded them. This vulnerability poses a significant impact and severity to the application's security. By manipulating the URL parameter, an attacker can access sensitive files that should only be available to authorized users. This includes confidential documents or any other type of file stored within the application. The ability to read these files can lead to various detrimental consequences, such as unauthorized disclosure of sensitive information, privacy breaches, intellectual property theft, or exposure of trade secrets. Additionally, it could result in legal and regulatory implications, reputation damage, financial losses, and potential compromise of user trust. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-3048 1 Tmtmakine 2 Lockcell, Lockcell Firmware 2024-02-04 N/A 9.8 CRITICAL
Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass. This issue affects Lockcell: before 15.
CVE-2022-4097 1 Updraftplus 1 All-in-one Security 2024-02-04 N/A 5.3 MEDIUM
The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).
CVE-2022-1581 1 Wp-polls Project 1 Wp-polls 2024-02-04 N/A 5.3 MEDIUM
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
CVE-2022-4686 1 Usememos 1 Memos 2024-02-04 N/A 9.8 CRITICAL
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.
CVE-2021-36539 1 Instructure 1 Canvas Learning Management Service 2024-02-04 N/A 6.5 MEDIUM
Instructure Canvas LMS did not properly deny access to locked/unpublished files when an unprivileged user accessed the DocViewer-based file preview URL (canvadoc_session_url).