Total
807 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24187 | 1 Sz-fujia | 1 Ourphoto | 2025-04-29 | N/A | 7.5 HIGH |
| The user_id and device_id on the Ourphoto App version 1.4.1 /device/* end-points both suffer from insecure direct object reference vulnerabilities. Other end-users user_id and device_id values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an attacker to discover sensitive information such as end-user email addresses, and their unique frame_token value of all other Ourphoto App end-users. | |||||
| CVE-2025-1284 | 2025-04-29 | N/A | 4.3 MEDIUM | ||
| The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xc_woo_printer_preview AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's invoices and orders which can contain sensitive information. | |||||
| CVE-2025-3625 | 2025-04-29 | N/A | 7.1 HIGH | ||
| A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA). | |||||
| CVE-2025-3636 | 2025-04-29 | N/A | 4.3 MEDIUM | ||
| A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks. | |||||
| CVE-2025-25777 | 2025-04-29 | N/A | 8.0 HIGH | ||
| Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks. | |||||
| CVE-2025-3640 | 2025-04-29 | N/A | 4.3 MEDIUM | ||
| A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access. | |||||
| CVE-2022-43326 | 1 Telosalliance | 2 Omnia Mpx Node, Omnia Mpx Node Firmware | 2025-04-25 | N/A | 7.5 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords. | |||||
| CVE-2024-2346 | 1 Ninjateam | 1 Filebird | 2025-04-23 | N/A | 5.4 MEDIUM |
| The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.3 via folder deletion due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author access or higher, to delete folders created by other users and make their file uploads visible. | |||||
| CVE-2024-39897 | 1 Zotregistry | 1 Zot | 2025-04-23 | N/A | 4.3 MEDIUM |
| zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If a Zot `accessControl` policy allows users read access to some repositories but restricts read access to other repositories and `dedupe` is enabled (it is enabled by default), then an attacker who knows the name of an image and the digest of a blob (that they do not have read access to), they may maliciously read it via a second repository they do have read access to. This attack is possible because [`ImageStore.CheckBlob()` calls `checkCacheBlob()`](https://github.com/project-zot/zot/blob/v2.1.0-rc2/pkg/storage/imagestore/imagestore.go#L1158-L1159) to find the blob a global cache by searching for the digest. If it is found, it is copied to the user requested repository with `copyBlob()`. The attack may be mitigated by configuring "dedupe": false in the "storage" settings. The vulnerability is fixed in 2.1.0. | |||||
| CVE-2023-44981 | 2 Apache, Debian | 2 Zookeeper, Debian Linux | 2025-04-23 | N/A | 9.1 CRITICAL |
| Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default. Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue. Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue. See the documentation for more details on correct cluster administration. | |||||
| CVE-2022-38765 | 1 Canon | 1 Vitrea View | 2025-04-23 | N/A | 6.5 MEDIUM |
| Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter. | |||||
| CVE-2025-42605 | 2025-04-23 | N/A | N/A | ||
| This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remote attacker could exploit this vulnerability by manipulating parameter in the API request body to gain unauthorized access to other user accounts. Successful exploitation of this vulnerability could allow remote attacker to perform authorized manipulation of data associated with other user accounts. | |||||
| CVE-2025-3519 | 2025-04-23 | N/A | N/A | ||
| An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID (UUID). In case a participant of this or another conversation gets access to such a file ID, it can be used to replace the file without changing the file name and details or the name of the user who uploaded the file. During the upload, file interception and allowed file type rules are still applied correctly. | |||||
| CVE-2022-31295 | 1 Razormist | 1 Online Discussion Forum Site | 2025-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. | |||||
| CVE-2025-22931 | 2025-04-21 | N/A | 7.5 HIGH | ||
| An insecure direct object reference (IDOR) in the component /assets/stafffiles of OS4ED openSIS v7.0 to v9.1 allows unauthenticated attackers to access files uploaded by staff members. | |||||
| CVE-2017-15197 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user. | |||||
| CVE-2017-15208 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user. | |||||
| CVE-2017-15199 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description. | |||||
| CVE-2017-15211 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user. | |||||
| CVE-2017-15206 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link to a private project of another user. | |||||