go-zero is a web and RPC framework. go-zero allows a user to specify a CORS filter with a configurable `allows` param, which is an array of domains allowed by the CORS policy. However, `isOriginAllowed` uses `strings.HasSuffix` to check the origin, which allows a bypass via a malicious domain whose name ends with an allowed domain. This vulnerability is capable of breaking the CORS policy and thus allowing any page to make requests and/or retrieve data on behalf of other users. Version 1.4.4 fixes this issue.
Max CVSS
9.1
EPSS Score
0.04%
Published
2024-03-06
Updated
2024-03-06
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.
Max CVSS
9.8
EPSS Score
0.07%
Published
2024-01-12
Updated
2024-01-22
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249820.
Max CVSS
9.8
EPSS Score
0.06%
Published
2024-01-07
Updated
2024-03-21
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway. This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1.
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-01-05
Updated
2024-01-11
SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow, under certain conditions, an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-12-12
Updated
2023-12-15
SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow, under certain conditions, an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-12-12
Updated
2023-12-15
SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow, under certain conditions, an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
Max CVSS
9.8
EPSS Score
0.10%
Published
2023-12-12
Updated
2024-01-09
SAP BTP Security Services Integration Library ([Node.js] @sap/xssec) - versions < 3.6.0, allow, under certain conditions, an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-12-12
Updated
2024-01-09
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely log in as root and take control of the device even after the affected device is fully set up.
Max CVSS
9.8
EPSS Score
0.08%
Published
2024-01-09
Updated
2024-01-12
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), authorization is done by verifying that the instance part of the SASL authentication ID is listed in the zoo.cfg server list. The instance part of the SASL auth ID is optional, and if it is missing, as in 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result, an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default. Users are recommended to upgrade to version 3.9.1, 3.8.3, or 3.7.2, which fixes the issue. Alternatively, ensure the ensemble election/quorum communication is protected by a firewall, as this will mitigate the issue. See the documentation for more details on correct cluster administration.
Max CVSS
9.1
EPSS Score
0.37%
Published
2023-10-11
Updated
2024-02-21
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-09-27
Updated
2023-09-28
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.8.0: some sensitive parameter checks will be bypassed, such as "autoDeserizalize" and "allowLoadLocalInfile". Users are advised to upgrade to Apache InLong 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8604
Max CVSS
9.8
EPSS Score
1.30%
Published
2023-10-16
Updated
2023-11-14

CVE-2023-38965

Public exploit
Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI.
Max CVSS
9.8
EPSS Score
0.30%
Published
2023-11-03
Updated
2023-11-13
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-07-06
Updated
2023-07-12
EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization bypass via unspecified method.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-05-08
Updated
2023-05-15
EuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorization, access the hidden resources on the system, and execute privileged functionalities.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-12-19
Updated
2023-12-29
Dev blog v1.0 allows an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.
Max CVSS
9.1
EPSS Score
0.05%
Published
2023-11-21
Updated
2023-11-29
Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass. This issue affects Lockcell: before 15.
Max CVSS
9.8
EPSS Score
0.11%
Published
2023-06-13
Updated
2023-08-02
Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse, Authentication Bypass. This issue affects ATS Pro: before 20230714.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-07-17
Updated
2023-07-31
Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module", developed by a third party for Ideasoft's E-commerce Platform, allows Authentication Abuse, Authentication Bypass. This issue affects Rental Module: before 23.05.15.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-05-20
Updated
2023-08-02
The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-05-20
Updated
2023-06-13
The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an insecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper API keys.
Max CVSS
9.8
EPSS Score
0.24%
Published
2023-01-27
Updated
2024-01-09
LiuOS is a small Python project meant to imitate the functions of a regular operating system. Version 0.1.0 and prior of LiuOS allow an attacker to set the GITHUB_ACTIONS environment variable to anything other than null or true and skip authentication checks. This issue is patched in the latest commit (c658b4f3e57258acf5f6207a90c2f2169698ae22) by requiring the variable to be set to true, causing a test script to run instead of allowing a login. A potential workaround is to check for the GITHUB_ACTIONS environment variable and set it to "" (no quotes) to null the variable and force credential checks.
Max CVSS
9.2
EPSS Score
0.04%
Published
2022-12-28
Updated
2023-01-13
An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.
Max CVSS
9.1
EPSS Score
0.16%
Published
2022-09-15
Updated
2022-09-20
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-05-30
Updated
2023-06-02
49 vulnerabilities found