Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-25830 CRITICAL

F-logic DataCube3 v1.0 - Unauthenticated Path Traversal via Configuration File URI

CVE-2024-20291 MEDIUM

Cisco NX-OS - Unauthenticated Access Control Bypass via Port Channel Subinterface ACL Programming

CVE-2024-1492 MEDIUM

WPify Woo Czech <= 4.0.8 - Unauthenticated Unauthorized Data Access via maybe_send_to_packeta Function

CVE-2024-1475 MEDIUM

Coming Soon Maintenance Mode <1.0.5 - Info Disclosure

CVE-2024-1472 MEDIUM

WP Maintenance <6.1.6 - Info Disclosure

CVE-2024-1294 MEDIUM

Sunshine Photo Cart: Free Client Galleries for Photographers <3.0.2...

CVE-2024-1288 MEDIUM

Schema & Structured Data for WP & AMP <1.27 - Privilege Escalation

CVE-2024-1044 MEDIUM

Customer Reviews for WooCommerce <= 5.38.12 - Unauthenticated Arbitrary Review Submission via Missing Capability Check

CVE-2024-0978 MEDIUM

My Private Site <3.0.14 - Info Disclosure

CVE-2024-25169 CRITICAL

Mezzanine 6.0.0 - Improper Access Control in Admin Panel

CVE-2024-1632 HIGH

Progress Sitefinity < 13.3.7649 - Authenticated Sensitive Information Exposure in Administrative Area

CVE-2024-22459 MEDIUM

Dell ECS <3.6.2.5-3.7.0.6-3.8.0.4 - Privilege Escalation

CVE-2024-1476 MEDIUM

Acurax WordPress <2.6 - Info Disclosure

CVE-2024-0975 MEDIUM

WordPress Access Control <4.0.13 - Info Disclosure

CVE-2024-0766 MEDIUM

Envo's Elementor Templates & Widgets - Info Disclosure

CVE-2024-25723 HIGH

ZenML ZenML Server - Improper Authentication

CVE-2024-0551 HIGH

AnythingLLM < 1.0.0 - Authenticated Improper Access Control via Database Export Endpoint

CVE-2024-24568 MEDIUM

Suricata 7.0.0-7.0.2 - Improper Access Control via HTTP2 Header Inspection Bypass

CVE-2024-1823 MEDIUM

CodeAstro Simple Voting System 1.0 - Improper Access Control in Backend users.php

CVE-2024-1053 MEDIUM

Event Tickets and Registration <= 5.8.1 - Authenticated Unauthorized Data Access via Email Action

CVE-2024-25251 HIGH

code-projects Agro-School Management System 1.0 - Info Disclosure

CVE-2024-26310 MEDIUM

Archer Platform 6.8-6.14.0.2 - Authenticated Improper Access Control

CVE-2024-20325 MEDIUM

Cisco Unified Intelligence Center - Info Disclosure

CVE-2024-1701 MEDIUM

keerti1924 PHP-MYSQL-User-Login-System 1.0 - Improper Access Control in /edit.php

CVE-2024-1675 HIGH

Google Chrome < 122.0.6261.57 - Insufficient Policy Enforcement in Download

Previous Page 112 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy