Vulnerabilities (CVE)

Filtered by CWE-639
Total 833 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15913 1 Mi 10 Dgnwg03lm, Dgnwg03lm Firmware, Mccgq01lm and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages.
CVE-2019-15815 1 Zyxel 2 2.00\(abbx.3\), P-1302-t10d 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and earlier do not properly enforce access control and could allow an unauthorized user to access certain pages that require admin privileges.
CVE-2019-15725 1 Gitlab 1 Gitlab 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information.
CVE-2019-15582 1 Gitlab 1 Gitlab 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment.
CVE-2019-15581 1 Gitlab 1 Gitlab 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules.
CVE-2019-15310 1 Linkplay 1 Linkplay 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled.
CVE-2019-14932 1 Humanica 1 Humatrix 7 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data.
CVE-2019-14725 1 Control-webpanel 1 Webpanel 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
CVE-2019-14724 1 Control-webpanel 1 Webpanel 2024-11-21 5.0 MEDIUM 7.5 HIGH
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
CVE-2019-14721 1 Control-webpanel 1 Webpanel 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
CVE-2019-14246 1 Centos-webpanel 1 Centos Web Panel 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account.
CVE-2019-14245 1 Centos-webpanel 1 Centos Web Panel 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account.
CVE-2019-13605 1 Control-webpanel 1 Webpanel 2024-11-21 6.5 MEDIUM 8.8 HIGH
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
CVE-2019-13461 1 Prestashop 1 Prestashop 2024-11-21 5.0 MEDIUM 7.5 HIGH
In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web application during checkout. An attacker could leak personal customer information. This is PrestaShop bug #14444.
CVE-2019-13360 1 Control-webpanel 1 Webpanel 2024-11-21 7.5 HIGH 9.8 CRITICAL
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.
CVE-2019-13337 1 Weseek 1 Growi 2024-11-21 5.0 MEDIUM 7.5 HIGH
In WESEEK GROWI before 3.5.0, the site-wide basic authentication can be bypassed by adding a URL parameter access_token (this is the parameter used by the API). No valid token is required since it is not validated by the backend. The website can then be browsed as if no basic authentication is required.
CVE-2019-12866 1 Jetbrains 1 Youtrack 2024-11-21 7.5 HIGH 9.8 CRITICAL
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
CVE-2019-12782 1 Thoughtspot 1 Thoughtspot 2024-11-21 5.5 MEDIUM 8.1 HIGH
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 (before 5.1.2) allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively deleting them.
CVE-2019-12742 1 Bludit 1 Bludit 2024-11-21 6.5 MEDIUM 8.8 HIGH
Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object Reference (a modified username POST parameter).
CVE-2019-12252 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring.