| タイトル | Sistemas Pleno Gestão de Locação Prior to 2025.8.0 Insecure Direct Object Reference (IDOR) |
|---|
| 説明 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Sistemas Pleno – Gestão de Locações versions prior to 2025.8.0. The application does not properly enforce access control on object references, allowing attackers to manipulate identifiers in requests to access resources belonging to other users.
The vendor was contacted and the vulnerability was fixed in version 2025.8.0. |
|---|
| ソース | ⚠️ https://github.com/lfparizzi/CVE-Sistemas_Pleno/tree/main |
|---|
| ユーザー | Syrtain (UID 83345) |
|---|
| 送信 | 2025年09月10日 22:47 (8 月 ago) |
|---|
| モデレーション | 2025年09月25日 08:02 (14 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 325817 [Sistemas Pleno Gestão de Locação 迄 2025.7.x CPF validarCpf pes_cpf 特権昇格] |
|---|
| ポイント | 19 |
|---|