Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
insecure direct object reference vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-10734
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php....
1 Github repository available
NA
CVE-2019-19259
GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR)....
312
VMScore
CVE-2018-15693
Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference....
NA
CVE-2016-10930
The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number....
NA
CVE-2020-8235
Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments....
NA
CVE-2020-7948
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference....
NA
CVE-2019-12866
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168....
356
VMScore
CVE-2018-16970
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter....
668
VMScore
CVE-2012-1565
Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference....
668
VMScore
CVE-2019-8395
An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request....
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-2046
blind SQL injection
CVE-2019-8791
race condition
CVE-2021-2045
CVE-2019-8792
bypass
CVE-2021-2060
CVE-2021-2123
1
2
3
4
5
NEXT »