The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR) vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.