CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,283 vulnerabilities with CWE-284
CVE-2025-11656 HIGH
oranbyte school_management_system - Unrestricted File Upload via File Argument in editNotes.php
CVSS 7.3
CVE-2025-11655 MEDIUM
Total.js Flow <673ef9144dd25d4f4fd4fdfda5af27f230198924 - Unrestric...
CVSS 4.7
CVE-2025-11647 LOW
Furbo 360 Dog Camera <036 & Mini <074 - Sensitive Info Exposure via GATT
CVSS 3.1
CVE-2025-11646 MEDIUM
Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Improper Access Controls in GATT Service
CVSS 6.3
CVE-2025-11641 LOW
Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Improper Access Control in Trial Restriction Handler
CVSS 3.9
CVE-2025-11634 LOW
Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Information Disclosure via UART Interface
CVSS 2.4
CVE-2025-62159 HIGH
External Secrets Operator <0.19.2 - Privilege Escalation
CVE-2025-60306 CRITICAL
code-projects Simple Car Rental System 1.0 - Auth Bypass
CVSS 9.9
CVE-2025-60305 HIGH
Online Student Clearance System 1.0 - Incorrect Access Control
CVSS 8.8
CVE-2025-59218 CRITICAL
Azure Entra ID - Elevation of Privilege
CVSS 9.6
CVE-2025-45095 HIGH
Lavasoft Web Companion <12.1.3.1037 - Code Injection
CVSS 7.3
CVE-2025-11508 MEDIUM
code-projects Voting System 1.0 - Unrestricted File Upload via Photo Argument
CVSS 4.7
CVE-2025-36636 MEDIUM
Tenable Security Center <6.7.0 - Privilege Escalation
CVSS 4.3
CVE-2025-11470 MEDIUM
Hotel and Lodge Management System <= 1.0 - Unrestricted File Upload via manage_website.php
CVSS 4.7
CVE-2025-11440 MEDIUM
JhumanJ OpnForm <1.9.3 - Improper Access Controls
CVSS 4.3
CVE-2025-11436 MEDIUM
JhumanJ OpnForm <1.9.3 - Unrestricted Upload
CVSS 6.3
CVE-2025-11426 MEDIUM
Advanced Library Management System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-11417 MEDIUM
Campcodes Advanced Online Voting Management System 1.0 - Unrestricted File Upload via Voters Add Photo Argument
CVSS 6.3
CVE-2025-11406 MEDIUM
kaifangqian-base - Exposure of Sensitive Information via getAllUsers Function
CVSS 4.3
CVE-2025-11398 MEDIUM
Hotel and Lodge Management System 1.0 - Unrestricted File Upload via Profile Image Parameter
CVSS 6.3
CVE-2025-11354 MEDIUM
Online Hotel Reservation System 1.0 - Unrestricted File Upload via Image Parameter
CVSS 6.3
CVE-2025-11353 MEDIUM
Online Hotel Reservation System 1.0 - Unrestricted File Upload via Image Parameter
CVSS 6.3
CVE-2025-11352 MEDIUM
Online Hotel Reservation System 1.0 - Unrestricted File Upload via Image Argument
CVSS 6.3
CVE-2025-11351 MEDIUM
Online Hotel Reservation System 1.0 - Unrestricted File Upload via Image Parameter
CVSS 6.3
CVE-2025-11347 HIGH
code-projects Student Crud Operation <3.3 - Unrestricted Upload
CVSS 7.3