Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,299 vulnerabilities with CWE-284

CVE-2025-5429 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Plugins Page

CVE-2025-5428 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Error Logs Page

CVE-2025-5427 MEDIUM

juzaweb CMS 3.4-3.4.2 - Improper Access Control in Permalinks Page

CVE-2025-5426 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Menu Page

CVE-2025-5425 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Theme Editor Page

CVE-2025-5424 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Media Page

CVE-2025-5423 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in General Setting Page

CVE-2025-5422 MEDIUM

juzaweb CMS 3.4-3.4.2 - Improper Access Control in Email Logs Page

CVE-2025-5421 MEDIUM

juzaweb CMS 3.4-3.4.2 - Improper Access Control in Plugin Editor Page

CVE-2025-5409 HIGH

Mist Community Edition < 4.7.2 - Improper Access Control in API Token Handler

CVE-2025-5406 MEDIUM

chaitak-gorai/blogbook < 2021-11-22 - Unrestricted File Upload via posts.php image Parameter

CVE-2025-5390 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-5389 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-5387 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-4433 HIGH

Devolutions Server < 2025.1.9.0 - Privilege Escalation via User Group Management

CVE-2025-4431 MEDIUM

Featured Image Plus <= 1.6.4 - Authenticated Data Modification via fip_save_attach_featured

CVE-2025-44619 CRITICAL

Tinxy WiFi Lock Controller v1 RF - Unauthenticated Network Access via Open Wi-Fi Configuration

CVE-2025-27702 MEDIUM

Absolute Secure Access < 13.54 - Authenticated Permission Bypass in Management Console

CVE-2025-45343 CRITICAL

Tenda W18E v.16.01.0.11 - Remote Code Execution via Account Module Editing

CVE-2025-48734 HIGH

Apache Commons <2.0.0 - Info Disclosure

CVE-2025-5299 HIGH

Client Database Management System 1.0 - Unrestricted File Upload via uploaded_file_cancelled Parameter

CVE-2025-5184 MEDIUM

Summer Pearl Group Vacation Rental Management Platform < 1.0.2 - Information Disclosure via HTTP Response Header

CVE-2025-5178 MEDIUM

Realce Tecnologia Queue Ticket Kiosk < 2025-05-17 - Unrestricted File Upload via Image File Handler

CVE-2025-5171 MEDIUM

llisoft MTA Maita Training System 4.5 - Unrestricted File Upload via OpenController File Download Function

CVE-2025-5163 MEDIUM

yangshare warehouse_management_system 1.0 - Improper Access Control

Previous Page 69 of 212 Next

Details

Vulnerabilities 5,299

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy