Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-2989 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2978 MEDIUM

WCMS 11 - Unrestricted File Upload via Article Publishing Page

CVE-2025-2973 MEDIUM

College Management System 1.0 - Unrestricted Upload

CVE-2025-2955 MEDIUM

TOTOLINK A3000RU <5.9c.5185 - Improper Access Controls

CVE-2025-2954 LOW

mannaandpoem OpenManus <2025.3.13 - Improper Access Controls

CVE-2025-2952 MEDIUM

Bluestar Micro Mall 1.0 - Unrestricted Upload

CVE-2025-20230 MEDIUM

Splunk Enterprise <9.4.1, 9.3.3, 9.2.5, 9.1.8 - Info Disclosure

CVE-2025-20229 HIGH

Splunk <9.3.3, 9.2.5, 9.1.8 - Cloud & Enterprise - RCE

CVE-2025-26010 CRITICAL

Telesquare TLR-2005KSH 1.1.4 - Unauthenticated Password Modification via admin.cgi setUserNamePassword Parameter

CVE-2025-2499 MEDIUM

Devolutions Remote Desktop Manager <2025.1.25 - Auth Bypass

CVE-2025-23203 MEDIUM

Icinga Director <1.10.4-1.11.4 - Info Disclosure

CVE-2025-29315 CRITICAL

OpenDaylight Service Function Chaining SFC Sodium-SR4 and below - Improper Access Control via Shiro-based RBAC Mechanism

CVE-2025-2706 MEDIUM

Digiwin ERP 5.0.1 - Unrestricted Upload

CVE-2025-30208 MEDIUM

Vite - Arbitrary File Read

CVE-2025-2705 HIGH

Digiwin ERP 5.1 - Unrestricted Upload

CVE-2025-2702 MEDIUM

Softwin WMX3 3.1 - Unrestricted Upload

CVE-2025-2688 MEDIUM

TOTOLINK A3000RU <5.9c.5185 - Improper Access Controls

CVE-2025-2687 MEDIUM

PHPGurukul eLearning System 1.0 - Unrestricted Upload

CVE-2025-2686 MEDIUM

mingyuefusu <d4836f6b49cd0ac79a4021b15ce99ff7229d4694 - Improper Ac...

CVE-2025-2671 MEDIUM

Yue Lao Blind Box <4.0 - Unrestricted Upload

CVE-2025-2607 MEDIUM

phplaozhang LzCMS-LaoZhangBoKeXiTong <= 1.1.4 - Unrestricted File Upload via /admin/upload/upimage.html File Parameter

CVE-2025-2606 MEDIUM

Best Church Management Software 1.0 - Unrestricted File Upload via Soulwinning CRUD Photo Parameter

CVE-2025-2557 MEDIUM

Audi UTR Dashcam <2.89-2.90 - Improper Access Controls

CVE-2025-2553 MEDIUM

D-Link DIR-618 and DIR-605L - Improper Access Control in Virtual Server Configuration

CVE-2025-2552 MEDIUM

D-Link DIR-618 and DIR-605L 2.02/3.02 - Improper Access Control in formTcpipSetup

Previous Page 80 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy