Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,290 vulnerabilities with CWE-284

CVE-2025-49546 LOW

ColdFusion 2025.2 2023.14 2021.20 - Authenticated Partial Denial of Service via Improper Access Control

CVE-2025-7190 MEDIUM

Library Management System 2.0 - Unrestricted File Upload via Student Edit Photo

CVE-2025-48817 HIGH

Remote Desktop Client - Path Traversal

CVE-2025-47993 HIGH

Microsoft Windows 11 24h2 < 10.0.26100.4652 - Improper Access Control

CVE-2025-7181 MEDIUM

Staff Audit System 1.0 - Unrestricted File Upload via /test.php uploadedfile Parameter

CVE-2025-7175 MEDIUM

E-Commerce Site 1.0 - Unrestricted File Upload via /admin/users_photo.php Photo Parameter

CVE-2025-23365 HIGH

TIA Administrator < 3.0.6 - Privilege Escalation and Arbitrary Code Execution via Cache File Overwrite

CVE-2025-7152 MEDIUM

Campcodes Advanced Online Voting System 1.0 - Unrestricted File Upload via Photo Argument

CVE-2025-7151 MEDIUM

Campcodes Advanced Online Voting System 1.0 - Unrestricted File Upload in Voters Add Photo

CVE-2025-20324 MEDIUM

Splunk Enterprise <9.4.2, 9.3.5, 9.2.7, 9.1.10 - Privilege Escalation

CVE-2025-20323 MEDIUM

Splunk Enterprise <9.4.3, 9.3.5, 9.2.7, 9.1.10 - Info Disclosure

CVE-2025-7124 MEDIUM

Online Note Sharing 1.0 - Unrestricted File Upload via Profile Image Handler

CVE-2025-7100 MEDIUM

BoyunCMS < 1.4.20 - Unrestricted File Upload via Image Parameter

CVE-2025-7076 MEDIUM

BlackVue Dashcam 590X < 2025-06-24 - Unauthenticated Improper Access Control in Configuration Handler

CVE-2025-7075 MEDIUM

BlackVue Dashcam 590X < 2025-06-24 - Unauthenticated Unrestricted File Upload via /upload.cgi

CVE-2025-6786 MEDIUM

DocCheck Login <1.1.5 - Info Disclosure

CVE-2025-53501 HIGH

Mediawiki Scribunto Extension <1.39.12-1.43.2 - Info Disclosure

CVE-2025-45424 MEDIUM

Xinference < 1.4.0 - Unauthenticated Web GUI Access

CVE-2025-52101 CRITICAL

linjiashop <= 0.9 - Unauthenticated Incorrect Access Control

CVE-2025-27153 MEDIUM

Escalade GLPI plugin <2.9.11 - Info Disclosure

CVE-2025-45083 MEDIUM

Ullu <2.9.929, <2.8.0 - Auth Bypass

CVE-2025-45081 HIGH

IITB SSO 1.1.0 - Improper Access Control

CVE-2025-50405 MEDIUM

Intelbras RX1500 Router <v2.2.17 - Privilege Escalation

CVE-2025-53003 HIGH

jans-config-api-server < 1.8.0 - Unauthenticated Exposure of Sensitive Information via Missing Scope Verification

CVE-2025-6900 MEDIUM

code-projects Library System 1.0 - Unrestricted File Upload via Image Parameter in /add-book.php

Previous Page 66 of 212 Next

Details

Vulnerabilities 5,290

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy