Cookie Consent by Free Privacy Policy Generator Aktuallisiere deine Cookie Einstellungen ๐Ÿ“Œ Mail.ru: Access User Tickets via IDOR in [widget.support.my.games]
Team IT Security Nachrichtenportal Logo


๐Ÿ“š Mail.ru: Access User Tickets via IDOR in [widget.support.my.games]


๐Ÿ’ก Newskategorie: Sicherheitslรผcken
๐Ÿ”— Quelle: vulners.com


image
IDOR vulnerability in widget.support.my.games allowed to disclose the user... ...



Sharing is caring on Social Media

๐Ÿ”— Reddit
๐Ÿ”— Telegram
๐Ÿ”— LinkedIn
๐Ÿ”— Xing
๐Ÿ”— Twitter
๐Ÿ”— Whatsapp
๐Ÿ”— Facebook
๐Ÿ”— Flipboard

Join the Team IT Security Community

๐Ÿ”— "IT Sicherheit" Reddit-Gruppe
๐Ÿ”— "IT Sicherheit" Telegramm-Seite

๐Ÿ“Œ Mail.ru: Access User Tickets via IDOR in [widget.support.my.games]


๐Ÿ“ˆ 72.9 Punkte

๐Ÿ“Œ Mail.ru: [auto.mail.ru] IDOR ะฝะฐ ั€ะตะดะฐะบั‚ะธั€ะพะฒะฐะฝะธะต ะฟะพัั‚ะฐ ะปัŽะฑะพะณะพ ัŽะทะตั€ะฐ.


๐Ÿ“ˆ 30.24 Punkte

๐Ÿ“Œ Phabricator: IDOR bug to See hidden slowvote of any user even when you dont have access right


๐Ÿ“ˆ 27.4 Punkte

๐Ÿ“Œ Dropcontact: IDOR at [https://dropcontact.firstpromote] which allows an UNAUTHORIZED user to ACCESS and EDIT Paypal GMAIL by Changing the ID.


๐Ÿ“ˆ 27.4 Punkte

๐Ÿ“Œ Mail.ru: Cross-site Scripting (XSS) - DOM on https://account.mail.ru/user/garage?back_url=https://mail.ru


๐Ÿ“ˆ 24.35 Punkte

๐Ÿ“Œ Polymail, Inc.: Metadata leakage via IDOR


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ Topcoder: IDOR on deleting drafts on https://apps.topcoder.com/wiki/users/viewmydrafts.action via discardDraftId parameter


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ Tools for Humanity: IDOR - Leaking of team data (name, email, ID, member ID) via POST /api/v1/graphql `FetchMemberships` operation


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ U.S. Dept Of Defense: Full Account Take-Over of โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ Members via IDOR


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ Topcoder: IDOR at https://fast.trychameleon.com/observe/v2/profiles/ via uid parameter discloses users' PII data


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ U.S. Dept Of Defense: IDOR leaking PII data via VendorId parameter


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ HackerOne: Insecure Direct Object Reference (IDOR) Allows Viewing Private Report Details via /bugs.json Endpoint


๐Ÿ“ˆ 24.15 Punkte

๐Ÿ“Œ Mail.ru: [api.pandao.ru] IDOR ะฟะพะทะฒะพะปัะตั‚ ะธะทะผะตะฝัั‚ัŒ ะฐะดั€ะตั ะปัŽะฑะพะณะพ ะฟะพะปัŒะทะพะฒะฐั‚ะตะปั


๐Ÿ“ˆ 23.91 Punkte

๐Ÿ“Œ Mail.ru: IDOR ะฒ ัะฟะธัะบะต ะฟะพะปัŒะทะพะฒะฐั‚ะตะปะตะน ะฟะพ ะดะพะผะตะฝัƒ ะฒ relap.io


๐Ÿ“ˆ 23.91 Punkte

๐Ÿ“Œ Game dev 2Kโ€™s support site hacked to push malware via fake tickets


๐Ÿ“ˆ 23.04 Punkte

๐Ÿ“Œ Visma Bug Bounty Program: [IDOR]Ability to View/Delete/Edit (Forward to attachment archive) Email of other user if GUID is known.


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Visma Bug Bounty Program: [IDOR]Ability to View/Delete/Edit (Forward to attachment archive) Email of other user if GUID is known.


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Trint Ltd: IDOR to update folder name of other user


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ IDOR User Account Takeover By Connecting My Facebook Account with victims Account


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Starbucks: Thailand - IDOR on www.starbuckscardth.in.th: A logged in user could view any Thailand Starbucks card balance if they knew that Starbucks card number


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ New Relic: IDOR - User is able to download charts/dashboards from cross accounts


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Automattic: [IDOR] Attacker user can Approve/Decline AFK on the behalf of other users


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Nextcloud: IDOR allows me to mark devices of another user for remote wipe out


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Palo Alto Software: IDOR on update user preferences


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ U.S. Dept Of Defense: View another user information with IDOR vulnerability


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ U.S. General Services Administration: IDOR at training.smartpay.gsa.gov/reports/quizzes-taken-by-user


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ Reddit: IDOR allows an attacker to modify the links of any user


๐Ÿ“ˆ 22.96 Punkte

๐Ÿ“Œ KDE's Plasma Breeze AlphaBlack v11 w/ Widget v2 can now control the popup and desktop widget transparency


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ Medium CVE-2016-10991: Imdb-widget project Imdb-widget


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ WP Page Builder Plugin up to 1.2.3 on WordPress Raw HTML Widget/Custom HTML Widget cross site scripting


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ iOS 16.2: Schlaf-Widget taucht in Beta auf โ€“ Apple arbeitet an Medikamenten-Widget


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ CVE-2024-2126 | ThemeIsle Orbit Fox Widget up to 2.10.32 on WordPress Registration Form Widget cross site scripting (ID 3046442)


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ Widget Hub mรถchte Anlaufstelle fรผr Widget-Scripts fรผr Scriptable werden


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ CVE-2024-2919 | Kadence Gutenberg Blocks Plugin up to 3.2.31 on WordPress Countdown Widget/CountUp Widget cross site scripting (ID 3062911)


๐Ÿ“ˆ 22.32 Punkte

๐Ÿ“Œ CVE-2024-5091 | SKT Addons for Elementor Plugin up to 2.0 on WordPress Age Gate Widget/Creative Slider Widget cross site scripting


๐Ÿ“ˆ 22.32 Punkte











matomo