In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-06T16:00:00
Updated: 2024-08-05T10:32:52.255Z
Reserved: 2018-09-06T00:00:00
Link: CVE-2018-16606
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-09-06T16:29:05.830
Modified: 2024-11-21T03:53:03.053
Link: CVE-2018-16606
Redhat
No data.