Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart <= 5.2.9 versions.
Unauthenticated Insecure Direct Object References (IDOR) in Clean Login <= 1.15 versions.
Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions.
Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions.
Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system <= 10.30.24 versions.
Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.11.0 and 5.6.0, An Insecure Direct Object Reference (IDOR) vulnerability exists in Craft Commerce’s cart functionality that allows use
An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.
Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions.
An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4 allows authenticated attackers to access sensitive data for other users via a crafted HTTP request.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Insecure Direct Object Reference (IDOR) in the Track order function in PHPGURUKUL Online Shopping Portal 2.1 allows information disclosure via the oid parameter.
Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions.
An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging to other registered users through various vulnerabl
Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards.
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files i
An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulner
Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions.
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
Page 1+ Next →