• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-639

CVE-2022-4239

February 23, 2023 by godfreyd94

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreap_addons_service_remove action, allowing any user to delete any post by knowing or guessing the id.

CVE-2022-42129

February 23, 2023 by godfreyd94

An Insecure direct object reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and Liferay DXP 7.3 before update 4, and 7.4 GA allows remote authenticated users to view and access form entries via the `formInstanceRecordId` parameter.

CVE-2022-42067

February 23, 2023 by godfreyd94

Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability

CVE-2022-41479

February 23, 2023 by godfreyd94

The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application source code.

CVE-2022-4097

February 23, 2023 by godfreyd94

The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).

CVE-2022-40319

February 23, 2023 by godfreyd94

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim’s LISTSERV account.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 33
  • Go to page 34
  • Go to page 35
  • Go to page 36
  • Go to page 37
  • Interim pages omitted …
  • Go to page 50
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE