Total: 319 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2021-24473 | 1 Cozmoslabs | 1 User Profile Picture | 2021-09-20 | 5.5 MEDIUM | 5.4 MEDIUM | The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the upload_image capability (by default author and above) to change and delete the profile pictures of other users (including those with higher roles).
CVE-2021-37628 | 1 Nextcloud | 1 Richdocuments | 2021-09-14 | 5.0 MEDIUM | 7.5 HIGH | Nextcloud Richdocuments is an open source collaborative office suite. In affected versions the File Drop features ("Upload Only" public link shares in Nextcloud) can be bypassed using the Nextcloud Richdocuments app. An attacker was able to read arbitrary files in such a share. It is recommended that the Nextcloud Richdocuments is upgraded to 3.8.4 or 4.2.1. If upgrading is not possible then it is recommended to disable the Richdocuments application.
CVE-2021-37631 | 1 Nextcloud | 1 Deck | 2021-09-14 | 4.0 MEDIUM | 6.5 MEDIUM | Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin.
CVE-2021-37630 | 1 Nextcloud | 1 Circles | 2021-09-14 | 4.0 MEDIUM | 6.5 MEDIUM | Nextcloud Circles is an open source social network built for the Nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner, leaking private information. It is recommended that Nextcloud Circles is upgraded to 0.19.15, 0.20.11 or 0.21.4. There are no workarounds for this issue.
CVE-2020-11009 | 1 Pagerduty | 1 Rundeck | 2021-09-14 | 4.0 MEDIUM | 6.5 MEDIUM | In Rundeck before version 3.2.6, authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high severity risk and a very low risk. If access is tightly restricted and all users on the system have access to all projects, this is not really much of an issue. If access is wider and allows login for users that do not have access to any projects, or project access is restricted, there is a larger issue. If access is meant to be restricted and secrets, sensitive data, or intellectual property are exposed in Rundeck execution output and job data, the risk becomes much higher. This vulnerability is patched in version 3.2.6.
CVE-2021-24562 | 1 Lifterlms | 1 Lifterlms | 2021-08-27 | 5.0 MEDIUM | 7.5 HIGH | The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other students' answers and grades.
CVE-2021-36801 | 1 Akaunting | 1 Akaunting | 2021-08-11 | 5.5 MEDIUM | 8.1 HIGH | Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies[0]. This issue was fixed in version 2.1.13 of the product.
CVE-2021-32744 | 1 Collabora | 1 Online | 2021-07-30 | 5.0 MEDIUM | 7.5 HIGH | Collabora Online is a collaborative online office suite. In versions prior to 4.2.17-1 and version 6.4.9-5, unauthenticated attackers are able to gain access to files which are currently opened by other users in the Collabora Online editor. For successful exploitation the attacker is required to guess the file identifier; the predictability of this file identifier is dependent on external file-storage implementations (this is a potential "IDOR", Insecure Direct Object Reference, vulnerability). Versions 4.2.17-1 and 6.4.9-5 contain patches for this issue. There is no known workaround except updating the Collabora Online application to one of the patched releases.
CVE-2020-16194 | 1 Store-opart | 1 Quote | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM | An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.
CVE-2020-19890 | 1 Dbhcms Project | 1 Dbhcms | 2021-07-21 | 4.0 MEDIUM | 4.9 MEDIUM | DBHcms v1.2.0 has an arbitrary file read vulnerability in dbhcms\mod\mod.editor.php: $_GET['file'] is the filename, and as there is no filter function for security, you can read any file's content.
CVE-2020-20183 | 1 Zyxel | 2 P1302-t10 V3, P1302-t10 V3 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH | Insecure direct object reference vulnerability in Zyxel's P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages.
CVE-2020-23446 | 1 Verint | 1 Workforce Optimization | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM | Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API.
CVE-2020-23449 | 1 Newbee-mall Project | 1 Newbee-mall | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH | newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID.
CVE-2020-23722 | 1 Thedaylightstudio | 1 Fuel Cms | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | An issue was discovered in FUEL CMS 1.4.7. There is an escalation of privilege vulnerability to obtain super admin privilege via the "id" and "fuel_id" parameters.
CVE-2020-26171 | 1 Tangro | 1 Business Workflow | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM | In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document/attachments/upload can be manipulated. By doing this, users can add attachments to workitems that do not belong to them.
CVE-2020-26173 | 1 Tangro | 1 Business Workflow | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM | An incorrect access control implementation in Tangro Business Workflow before 1.18.1 allows an attacker to download documents (PDF) by providing a valid document ID and token. No further authentication is required.
CVE-2020-26175 | 1 Tangro | 1 Business Workflow | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM | In tangro Business Workflow before 1.18.1, an attacker can manipulate the value of PERSON in requests to /api/profile in order to change profile information of other users.
CVE-2020-27662 | 1 Glpi-project | 1 Glpi | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM | In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users, etc.).
CVE-2020-27663 | 1 Glpi-project | 1 Glpi | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM | In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users, etc.).
CVE-2020-29156 | 1 Woocommerce | 1 Woocommerce | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM | The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.