Critical severity9.8NVD Advisory· Published Aug 25, 2025· Updated Jun 17, 2026
CVE-2025-45968
CVE-2025-45968
Description
An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference (IDOR) vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by this parameter. This allows direct access to other users' data or internal resources without proper permission. Successful exploitation of this flaw may result in the exposure of sensitive information.
Affected products
2- System/PDVdescription
- Range: = 1.0
Patches
Vulnerability mechanics
References
1- medium.com/@r3dd1t/pedindo-um-lanche-e-possivelemnte-descobrindo-uma-cve-9930b0114e3fnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.