In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-06T16:00:00

Updated: 2024-08-05T10:32:52.255Z

Reserved: 2018-09-06T00:00:00

Link: CVE-2018-16606

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-06T16:29:05.830

Modified: 2024-11-21T03:53:03.053

Link: CVE-2018-16606

cve-icon Redhat

No data.