Total
655 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40319 | 1 Lsoft | 1 Listserv | 2024-08-03 | 7.5 High |
| The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account. | ||||
| CVE-2022-39018 | 1 M-files | 1 Hubshare | 2024-08-03 | 8.2 High |
| Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL. | ||||
| CVE-2022-38789 | 1 Airties | 6 Air 4920, Air 4920 Firmware, Air 4921 and 3 more | 2024-08-03 | 9.1 Critical |
| An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference. | ||||
| CVE-2022-38765 | 1 Canon | 1 Vitrea View | 2024-08-03 | 6.5 Medium |
| Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter. | ||||
| CVE-2022-36539 | 1 Eigen\&wijzer Ouderapp Project | 1 Eigen\&wijzer Ouderapp | 2024-08-03 | 7.5 High |
| WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children. | ||||
| CVE-2022-36247 | 1 Shopbeat | 1 Shop Beat Media Player | 2024-08-03 | 9.1 Critical |
| Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za. | ||||
| CVE-2022-36202 | 1 Doctor\'s Appointment System Project | 1 Doctor\'s Appointment System | 2024-08-03 | 9.8 Critical |
| Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. | ||||
| CVE-2022-34621 | 1 Mealie | 1 Mealie | 2024-08-03 | 6.5 Medium |
| Mealie 1.0.0beta3 was discovered to contain an Insecure Direct Object Reference (IDOR) vulnerability which allows attackers to modify user passwords and other attributes via modification of the user_id parameter. | ||||
| CVE-2022-34138 | 1 Biltema | 4 Baby Camera, Baby Camera Firmware, Ip Camera and 1 more | 2024-08-03 | 7.5 High |
| Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information. | ||||
| CVE-2022-32277 | 1 Squiz | 1 Matrix | 2024-08-03 | 5.3 Medium |
| Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product. | ||||
| CVE-2022-33077 | 1 Nopcommerce | 1 Nopcommerce | 2024-08-03 | 7.5 High |
| An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint. | ||||
| CVE-2022-31883 | 1 Marvalglobal | 1 Marval Msm | 2024-08-03 | 8.8 High |
| Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys. | ||||
| CVE-2022-31295 | 1 Online Discussion Forum Site Project | 1 Online Discussion Forum Site | 2024-08-03 | 7.5 High |
| An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. | ||||
| CVE-2022-31131 | 1 Nextcloud | 1 Nextcloud Mail | 2024-08-03 | 5.4 Medium |
| Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended that the Nextcloud Mail app is upgraded to 1.12.2. There are no known workarounds for this issue. ### Workarounds No workaround available ### References * [Pull request](https://github.com/nextcloud/mail/pull/6600) * [HackerOne](https://hackerone.com/reports/1579820) ### For more information If you have any questions or comments about this advisory: * Create a post in [nextcloud/security-advisories](https://github.com/nextcloud/security-advisories/discussions) * Customers: Open a support ticket at [support.nextcloud.com](https://support.nextcloud.com) | ||||
| CVE-2022-31027 | 1 Jupyter | 1 Oauthenticator | 2024-08-03 | 4.2 Medium |
| OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log in to a JupyterHub via CILogon. This is primarily used to restrict a JupyterHub only to users of a given institute. The allowed_idps configuration trait of CILogonOAuthenticator is documented to be a list of domains that indicate the institutions whose users are authorized to access this JupyterHub. This authorization is validated by ensuring that the *email* field provided to us by CILogon has a *domain* that matches one of the domains listed in `allowed_idps`.If `allowed_idps` contains `berkeley.edu`, you might expect only users with valid current credentials provided by University of California, Berkeley to be able to access the JupyterHub. However, CILogonOAuthenticator does *not* verify which provider is used by the user to login, only the email address provided. So a user can login with a GitHub account that has email set to `<something>@berkeley.edu`, and that will be treated exactly the same as someone logging in using the UC Berkeley official Identity Provider. The patch fixing this issue makes a *breaking change* in how `allowed_idps` is interpreted. It's no longer a list of domains, but configuration representing the `EntityID` of the IdPs that are allowed, picked from the [list maintained by CILogon](https://cilogon.org/idplist/). Users are advised to upgrade. | ||||
| CVE-2022-30852 | 1 Withknown | 1 Known | 2024-08-03 | 4.3 Medium |
| Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). | ||||
| CVE-2022-30760 | 1 Ihb-eg | 1 Fn2web | 2024-08-03 | 4.3 Medium |
| An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information (final grades, study courses, degrees) by changing the student ID parameter in the HTTP POST request to the FrontControllerSS endpoint. | ||||
| CVE-2022-30495 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2024-08-03 | 9.8 Critical |
| In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - Broken Access Control allowing attackers to change the admin password(vertical privilege escalation) | ||||
| CVE-2022-29627 | 1 Online Market Place Site Project | 1 Online Market Place Site | 2024-08-03 | 4.3 Medium |
| An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers. | ||||
| CVE-2022-29287 | 1 Kentico | 1 Kentico | 2024-08-03 | 4.9 Medium |
| Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password). | ||||