| عنوان | Sistemas Pleno Gestão de Locação Prior to 2025.8.0 Insecure Direct Object Reference (IDOR) |
|---|
| الوصف | An Insecure Direct Object Reference (IDOR) vulnerability exists in Sistemas Pleno – Gestão de Locações versions prior to 2025.8.0. The application does not properly enforce access control on object references, allowing attackers to manipulate identifiers in requests to access resources belonging to other users.
The vendor was contacted and the vulnerability was fixed in version 2025.8.0. |
|---|
| المصدر | ⚠️ https://github.com/lfparizzi/CVE-Sistemas_Pleno/tree/main |
|---|
| المستخدم | Syrtain (UID 83345) |
|---|
| ارسال | 10/09/2025 10:47 PM (8 أشهر منذ) |
|---|
| الاعتدال | 25/09/2025 08:02 AM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 325817 [Sistemas Pleno Gestão de Locação حتى 2025.7.x CPF validarCpf pes_cpf تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|