• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-639

CVE-2022-2828

February 23, 2023 by godfreyd94

In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability

CVE-2022-2808

February 23, 2023 by godfreyd94

Algan Yaz?l?m Prens Student Information System product has an authenticated Insecure Direct Object Reference (IDOR) vulnerability.

CVE-2022-27247

February 23, 2023 by godfreyd94

onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.

CVE-2022-2730

February 23, 2023 by godfreyd94

Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.

CVE-2022-27108

February 23, 2023 by godfreyd94

OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user’s account.

CVE-2022-26665

February 23, 2023 by godfreyd94

An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Interim pages omitted …
  • Go to page 50
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE