ReportizFlow
Filtered by vendor
Subscriptions
Total
722 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6859 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 5.3 Medium |
| Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and ajax_resize_image. | ||||
| CVE-2020-6641 | 1 Fortinet | 1 Fortipresence | 2024-11-21 | 4.3 Medium |
| Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2.1.0 administration interface may allow an attacker to gain access to some user data via portal manager or portal users parameters. | ||||
| CVE-2020-5743 | 1 Tecnick | 1 Tcexam | 2024-11-21 | 4.3 Medium |
| Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission. | ||||
| CVE-2020-5539 | 1 Grandit | 1 Grandit | 2024-11-21 | 6.5 Medium |
| GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors. | ||||
| CVE-2020-5194 | 1 Cerberusftp | 1 Ftp Server | 2024-11-21 | 5.4 Medium |
| The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permission to use the zip functionality via an unrestricted API endpoint. Improper permission verification occurs when calling the file/ajax_download_zip/zip_name endpoint. The result is that a user without permissions can zip and download files even if they do not have permission to view whether the file exists. | ||||
| CVE-2020-4918 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 4.4 Medium |
| IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392. | ||||
| CVE-2020-36231 | 1 Atlassian | 4 Jira, Jira Data Center, Jira Server and 1 more | 2024-11-21 | 4.3 Medium |
| Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2. | ||||
| CVE-2020-36126 | 1 Paxtechnology | 1 Paxstore | 2024-11-21 | 8.1 High |
| Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation. PAXSTORE marketplace endpoints allow an authenticated user to read and write data not owned by them, including third-party users, application and payment terminals, where an attacker can impersonate any user which may lead to the unauthorized disclosure, modification, or destruction of information. | ||||
| CVE-2020-35849 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | 7.5 High |
| An issue was discovered in MantisBT before 2.24.4. An incorrect access check in bug_revision_view_page.php allows an unprivileged attacker to view the Summary field of private issues, as well as bugnotes revisions, gaining access to potentially confidential information via the bugnote_id parameter. | ||||
| CVE-2020-29446 | 1 Atlassian | 2 Crucible, Fisheye | 2024-11-21 | 5.3 Medium |
| Affected versions of Atlassian Fisheye & Crucible allow remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory. The affected versions are before version 4.8.5. | ||||
| CVE-2020-29156 | 1 Woocommerce | 1 Woocommerce | 2024-11-21 | 5.3 Medium |
| The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. | ||||
| CVE-2020-27742 | 1 Citadel | 1 Webcit | 2024-11-21 | 6.5 Medium |
| An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msg_confirm_move template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread. | ||||
| CVE-2020-27663 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 4.3 Medium |
| In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users, etc.). | ||||
| CVE-2020-27662 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 4.3 Medium |
| In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users, etc.). | ||||
| CVE-2020-26679 | 1 Vfairs | 1 Vfairs | 2024-11-21 | 4.3 Medium |
| vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their own, an HTTP POST request can be made update their profile description or supply a new profile image. This can lead to potential cross-site scripting attacks on any user, or upload malicious PHP webshells as "profile pictures." The user IDs can be easily determined by other responses from the API for an event or chat room. | ||||
| CVE-2020-26178 | 1 Tangro | 1 Business Workflow | 2024-11-21 | 5.3 Medium |
| In tangro Business Workflow before 1.18.1, knowing an attachment ID, it is possible to download workitem attachments without being authenticated. | ||||
| CVE-2020-26175 | 1 Tangro | 1 Business Workflow | 2024-11-21 | 6.5 Medium |
| In tangro Business Workflow before 1.18.1, an attacker can manipulate the value of PERSON in requests to /api/profile in order to change profile information of other users. | ||||
| CVE-2020-26173 | 1 Tangro | 1 Business Workflow | 2024-11-21 | 3.1 Low |
| An incorrect access control implementation in Tangro Business Workflow before 1.18.1 allows an attacker to download documents (PDF) by providing a valid document ID and token. No further authentication is required. | ||||
| CVE-2020-26171 | 1 Tangro | 1 Business Workflow | 2024-11-21 | 4.3 Medium |
| In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document/attachments/upload can be manipulated. By doing this, users can add attachments to workitems that do not belong to them. | ||||
| CVE-2020-26068 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2024-11-21 | 5.5 Medium |
| A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this vulnerability by using the xAPI service to generate a specific token. A successful exploit could allow the attacker to use the generated token to enable experimental features on the device that should not be available to users. | ||||