Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
idor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45396
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.
Elenos Etg150 Firmware 3.12
4
CVSSv2
CVE-2019-5466
An IDOR exists in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
Gitlab Gitlab
NA
CVE-2023-36238
Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an malicious user to obtain sensitive information via the invoice ID parameter.
4
CVSSv2
CVE-2022-29434
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an malicious user to edit or delete events.
Spiffyplugins Spiffy Calendar
NA
CVE-2023-24625
Faveo 5.0.1 allows remote malicious users to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
Ladybirdweb Faveo Servicedesk 5.0.1
NA
CVE-2023-45393
An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated malicious users to access sensitive information via a crafted cookie.
Grandingteco Utime Master 9.0.7
4
CVSSv2
CVE-2022-29008
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows malicious users to access sensitive information.
Phpgurukul Bus Pass Management System 1.0
1 Github repository
4
CVSSv2
CVE-2022-29627
An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows malicious users to modify products that are owned by other sellers.
Online Market Place Site Project Online Market Place Site 1.0
2.7
CVSSv2
CVE-2020-13462
Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.
Tufin Securetrack
NA
CVE-2022-34138
Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows malicious users to access sensitive information.
Biltema Baby Camera Firmware 124
Biltema Ip Camera Firmware 124
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »