Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-4036 MEDIUM

xxyopen novel 3.5.0 - Improper Access Control in AuthorController updateBookChapter

CVE-2025-32470 HIGH

SICK FLX0-GPNT100 and FLX3-CPUC200 - Unauthenticated IP Address Spoofing

CVE-2025-4006 MEDIUM

youyiio BeyongCms 1.6.0 - Unrestricted Upload

CVE-2025-3978 MEDIUM

dazhouda lecms 3.0.3 - Info Disclosure

CVE-2025-3975 MEDIUM

ScriptAndTools eCommerce-website-in-PHP 3.0 - Info Disclosure

CVE-2025-3969 MEDIUM

Codeprojects News Publishing Site Dashboard 1.0 - Unrestricted Upload

CVE-2025-3966 MEDIUM

itwanger paicoding 1.0.3 - Info Disclosure

CVE-2025-43862 HIGH

Dify < 0.6.12 - Improper Access Control in APP Orchestration

CVE-2025-43947 HIGH

Codemers KLIMS < 1.6_dev - Improper Access Control

CVE-2025-3518 MEDIUM

unblu spark 7.0.1-7.54.1 - Improper Access Control via Direct API Request

CVE-2025-28104 CRITICAL

flaskBlog 2.6.1 - Improper Access Control

CVE-2025-28367 MEDIUM

mojoPortal <=2.9.0.1 - Directory Traversal

CVE-2025-3830 MEDIUM

kuangstudy KuangSimpleBBS 1.0 - Unrestricted File Upload via QuestionController fileUpload

CVE-2025-3807 MEDIUM

zhenfeng13 My-BBS 1.0 - Unrestricted File Upload via Upload Endpoint

CVE-2025-3798 MEDIUM

WCMS 11 - Unrestricted File Upload in Advertisement Image Handler

CVE-2025-28233 CRITICAL

BW Broadcast TX600-1000 - Info Disclosure

CVE-2025-28231 CRITICAL

Itel Electronics IP Stream <1.7.0.6 - Privilege Escalation

CVE-2025-32796 MEDIUM

Dify < 0.6.12 - Improper Access Control via API

CVE-2025-32795 MEDIUM

Dify < 0.6.12 - Improper Access Control in App Metadata Editing

CVE-2025-28232 CRITICAL

JMBroadcast JMB0150 Firmware v1.0 - Unauthenticated Admin Panel Access via HOME.php Endpoint

CVE-2025-28229 CRITICAL

Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 - Unauthenticated Privilege Escalation to Administrator

CVE-2025-3790 MEDIUM

Apache Druid Monitoring Console - Improper Access Controls

CVE-2025-32790 MEDIUM

Dify < 0.6.13 - Improper Access Control in Export APP DSL Feature

CVE-2025-3783 MEDIUM

SourceCodester Web-based Pharmacy Product Management System 1.0 - U...

CVE-2025-3765 MEDIUM

Senior-walter Web-based Pharmacy Product Management System - Improper Access Control

Previous Page 74 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy