Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insecure direct object reference vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42067
Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability
Online Birth Certificate Management System Project Online Birth Certificate Management System 1.0
356
VMScore
CVE-2019-19259
GitLab Enterprise Edition (EE) 11.3 and later up to and including 12.5 allows an Insecure Direct Object Reference (IDOR).
Gitlab Gitlab
356
VMScore
CVE-2018-16606
In ProConf prior to 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid param...
Proconf Proconf
NA
CVE-2024-33818
Globitel KSA SpeechLog v8.1 exists to contain an Insecure Direct Object Reference (IDOR) via the userID parameter.
312
VMScore
CVE-2018-15693
Inova Partner 5.0.5-RELEASE, Build 0510-0906 and previous versions allows authenticated users authorization bypass via insecure direct object reference.
Inova-software Inova Partner
356
VMScore
CVE-2020-8235
Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an malicious user to view all attachments.
Nextcloud Deck 1.0.4
NA
CVE-2023-49339
Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
1 Github repository
NA
CVE-2024-5166
An Insecure Direct Object Reference in Google Cloud's Looker allowed metadata exposure across authenticated Looker users sharing the same LookML model.
356
VMScore
CVE-2021-3380
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows malicious users to disclose sensitive information via the Print Invoice Functionality.
Height8tech H8 Ssrms -
NA
CVE-2023-36238
Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an malicious user to obtain sensitive information via the invoice ID parameter.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »