CWE-425

Direct Request ('Forced Browsing')

Parent: CWE-862 - Missing Authorization

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

226 vulnerabilities with CWE-425
CVE-2002-1798 CRITICAL
MidiCart PHP Unauthenticated Arbitrary File Upload and Information Disclosure
CVSS 9.1
Details
Vulnerabilities 226
Links
MITRE CWE Entry Search this CWE With Exploits