CVE-2019-17604
N/A
N/A
Summary
An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.eyecomms.com/Products/eyeCMS.html
- https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5
References
- http://www.eyecomms.com/Products/eyeCMS.html
- https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.