VYPR
High severity7.5NVD Advisory· Published Jul 9, 2019· Updated Jun 17, 2026

CVE-2019-11020

CVE-2019-11020

Description

Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone to remotely access all claim details by visiting easily guessable dashboard/uploads/claim_files/claim_id_ URLs.

Affected products

2
  • DDRT/Dashcom Livedescription
  • Dashcom/Livellm-create
    Range: 2019-05-09

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.