• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-639

CVE-2021-37213

February 23, 2023 by

The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee’s check-in record.

CVE-2021-37214

February 23, 2023 by

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID in specific parameters to arbitrary access employee’s data, modify it, and then obtain administrator privilege and execute arbitrary command.

CVE-2021-37215

February 23, 2023 by

The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter.

CVE-2021-37184

February 23, 2023 by

A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.

CVE-2021-36906

February 23, 2023 by

Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress.

CVE-2021-36865

February 23, 2023 by

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 24
  • Go to page 25
  • Go to page 26
  • Go to page 27
  • Go to page 28
  • Interim pages omitted …
  • Go to page 50
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE