ViDay Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing unauthenticated attackers to access sensitive customer information has been identified in the ViDay booking application. This issue arises from the application's API, specifically the 'clients' endpoint, which can be accessed by sending an HTTP GET request with the 'phone' parameter. The vulnerability is present in all versions of ViDay.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive customer information.

Added: Oct 2, 2025, 10:24 AM

Updated: Oct 2, 2025, 10:24 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ViDay Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating