Total
1315 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2877 | 1 Cm-wp | 1 Titan Anti-spam \& Security | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
|
|||||
| CVE-2022-2808 | 1 Algan | 1 Prens Student Information System | 2024-11-21 | N/A | 8.8 HIGH |
|
Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection.This issue affects Prens Student Information System: before 2.1.11.
|
|||||
| CVE-2022-2730 | 1 Open-emr | 1 Openemr | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
|
|||||
| CVE-2022-2535 | 1 Searchwp | 1 Searchwp Live Ajax Search | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a live search are limited to published posts only, allowing unauthenticated users to make a crafted query disclosing private/draft/pending post titles along with their permalink
|
|||||
| CVE-2022-2499 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 3.5 LOW |
|
An issue has been discovered in GitLab EE affecting all versions starting from 13.10 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab's Jira integration has an insecure direct object reference vulnerability that may be exploited by an attacker to leak Jira issues.
|
|||||
| CVE-2022-2367 | 1 Wsm Downloader Project | 1 Wsm Downloader | 2024-11-21 | N/A | 7.5 HIGH |
|
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation
|
|||||
| CVE-2022-2312 | 1 Student Result Or Employee Database Project | 1 Student Result Or Employee Database | 2024-11-21 | N/A | 5.4 MEDIUM |
|
The Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site scripting
|
|||||
| CVE-2022-2243 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
|
An access control vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows authenticated users to enumerate issues in non-linked sentry projects.
|
|||||
| CVE-2022-2198 | 1 2code | 1 Wpqa Builder | 2024-11-21 | N/A | 4.3 MEDIUM |
|
The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced.
|
|||||
| CVE-2022-2193 | 1 Hypr | 1 Hypr Server | 2024-11-21 | N/A | 7.5 HIGH |
|
Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1.
|
|||||
| CVE-2022-2080 | 1 Automattic | 1 Sensei Lms | 2024-11-21 | N/A | 4.3 MEDIUM |
|
The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student
|
|||||
| CVE-2022-2034 | 1 Automattic | 1 Sensei Lms | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
|
|||||
| CVE-2022-29627 | 1 Online Market Place Site Project | 1 Online Market Place Site | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.
|
|||||
| CVE-2022-29159 | 1 Nextcloud | 1 Deck | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
|
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this issue in versions 1.4.8, 1.5.6, and 1.6.1. There are no known currently-known workarounds available.
|
|||||
| CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.
|
|||||
| CVE-2022-28986 | 1 Lmsdoctor | 1 2 Factor Authentication | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts.
|
|||||
| CVE-2022-27247 | 1 Cdsoft | 1 Winhotel.mx | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.
|
|||||
| CVE-2022-27108 | 1 Orangehrm | 1 Orangehrm | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account.
|
|||||
| CVE-2022-26665 | 1 Tylertech | 1 Odyssey Portal | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
|
|||||
| CVE-2022-26254 | 1 Wowonder | 1 Wowonder | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names.
|
|||||
| CVE-2022-25471 | 1 Open-emr | 1 Openemr | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.
|
|||||
| CVE-2022-25336 | 1 Ibexa | 1 Ez Platform Kernel | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced.
|
|||||
| CVE-2022-24979 | 1 Mittwald | 1 Varnishcache | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.
|
|||||
| CVE-2022-24401 | 1 Midnightblue | 1 Tetra\ | 2024-11-21 | N/A | 8.8 HIGH |
|
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered.
|
|||||
| CVE-2022-24400 | 1 Midnightblue | 1 Tetra\ | 2024-11-21 | N/A | 7.5 HIGH |
|
A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero.
|
|||||
| CVE-2022-23856 | 1 Saviynt | 1 Enterprise Identity Cloud | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.
|
|||||
| CVE-2022-23173 | 1 Priority-software | 1 Priority | 2024-11-21 | 6.5 MEDIUM | 5.5 MEDIUM |
|
this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get an answer that he is not authorized because he needs to log in with credentials. after he performed log in to the system there are some functionalities that the specific user is not allowed to perform bec ...
Show More |
|||||
| CVE-2022-23061 | 1 Shopizer | 1 Shopizer | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
In Shopizer versions 2.0 to 2.17.0 a regular admin can permanently delete a superadmin (although this cannot happen according to the documentation) via Insecure Direct Object Reference (IDOR) vulnerability.
|
|||||
| CVE-2022-22832 | 1 Servisnet | 1 Tessa | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
|
|||||
| CVE-2022-22828 | 1 Synametrics | 1 Synaman | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
|
|||||
| CVE-2022-22331 | 1 Ibm | 1 Partner Engagement Manager | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
|
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 219130.
|
|||||
| CVE-2022-22190 | 1 Juniper | 1 Paragon Active Assurance Control Center | 2024-11-21 | 4.3 MEDIUM | 7.4 HIGH |
|
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports, potentially containing sensitive configuration information. A feature was introduced in version 3.1 of the Paragon Active Assurance Control Center which allows users to selective share account data using a unique identifier. Knowing the proper format of the URL and the identifier of an existing object in an ...
Show More |
|||||
| CVE-2022-21713 | 3 Fedoraproject, Grafana, Netapp | 3 Fedora, Grafana, E-series Performance Analyzer | 2024-11-21 | 3.5 LOW | 4.3 MEDIUM |
|
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/mem ...
Show More |
|||||
| CVE-2022-1996 | 2 Fedoraproject, Go-restful Project | 2 Fedora, Go-restful | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
|
|||||
| CVE-2022-1881 | 1 Octopus | 1 Octopus Server | 2024-11-21 | N/A | 5.3 MEDIUM |
|
In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.
|
|||||
| CVE-2022-1810 | 1 Publify Project | 1 Publify | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
|
|||||
| CVE-2022-1614 | 1 Wp-email Project | 1 Wp-email | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions.
|
|||||
| CVE-2022-1600 | 1 Yop-poll | 1 Yop Poll | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
|
|||||
| CVE-2022-1580 | 1 Freehtmldesigns | 1 Site Offline | 2024-11-21 | N/A | 4.3 MEDIUM |
|
The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature.
|
|||||
| CVE-2022-1461 | 1 Open-emr | 1 Openemr | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1.
|
|||||