CVE-2023-7210 | OneNav up to 0.9.33 API /index.php X-Token improper authentication

Posted by Angelo Barbosa | Jan 5, 2024 | CVE

A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This affects an unknown part of the file /index.php?c=api of the component API. The manipulation of the argument X-Token leads to improper authentication.

This vulnerability is uniquely identified as CVE-2023-7210. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7210 | OneNav up to 0.9.33 API /index.php X-Token improper authentication

Related Posts

CVE-2024-0268 | Kashipara Hospital Management System up to 1.0 registration.php name/email/pass/gender/age/city sql injection

CVE-2024-28044 | OpenHarmony up to 4.1.0 integer overflow

CVE-2024-6387 | OpenSSH up to 9.8 on Linux Signal grace_alarm_handler race condition

CVE-2023-6582 | ElementsKit Lite Plugin up to 3.0.3 on WordPress information disclosure