The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
223 vulnerabilities with CWE-425
CVE-2025-31971
MEDIUM
AIML Solutions for HCL SX - SSRF
CVSS 5.1
CVE-2025-55736
MEDIUM
flaskBlog <2.8.0 - Privilege Escalation
CVSS 6.5
CVE-2025-41404
MEDIUM
iroha Board <v0.10.12 - Info Disclosure
CVSS 4.3
CVE-2025-53073
MEDIUM
Sentry 25.1.0-25.5.1 - Info Disclosure
CVSS 4.2
CVE-2025-52920
MEDIUM
Innoshop <0.4.1 - Info Disclosure
CVSS 6.4
CVE-2025-6352
MEDIUM
code-projects Automated Voting System 1.0 - Direct Request
CVSS 5.3
CVE-2025-48207
HIGH
TYPO3 reint_downloadmanager <5.0.0 - Info Disclosure
CVSS 8.6
CVE-2025-48205
HIGH
TYPO3 sr_feuser_register <12.4.8 - Info Disclosure
CVSS 8.6
CVE-2025-48202
MEDIUM
TYPO3 femanager <8.2.1 - Info Disclosure
CVSS 5.3
CVE-2025-48201
HIGH
TYPO3 ns_backup <13.0.0 - Info Disclosure
CVSS 8.6
CVE-2025-47226
MEDIUM
Grokability Snipe-IT <8.1.0 - Info Disclosure
CVSS 5.0
CVE-2025-46690
MEDIUM
Ververica Platform 2.14.0 - SQL Injection
CVSS 5.0
CVE-2025-27581
MEDIUM
NIH BRICS <14.0.0-67 - Info Disclosure
CVSS 4.3
CVE-2025-2595
MEDIUM
CODESYS Visualization - Auth Bypass
CVSS 5.3
CVE-2025-32367
HIGH
Oz Forensics <4.0.8 - Info Disclosure
CVSS 8.6
CVE-2025-26689
CRITICAL
CHOCO TEI WATCHER mini - Info Disclosure
CVSS 9.8
CVE-2025-1542
CRITICAL
OXARI ServiceDesk <2.0.324.0 - Privilege Escalation
CVE-2025-2147
MEDIUM
Beijing Zhide Intelligent Internet Technology Modern Farm Digital I...
CVSS 5.3
CVE-2024-58343
MEDIUM
Vision Helpdesk <5.7.0 - Deserialization
CVSS 4.3
CVE-2024-55075
MEDIUM
Grocy <4.3.0 - Info Disclosure
CVSS 4.3
CVE-2024-9945
MEDIUM
Fortra's GoAnywhere MFT <7.7.0 - Info Disclosure
CVSS 5.3
CVE-2024-11049
LOW
ZKTeco ZKBio Time 9.0.1 - SSRF
CVSS 3.7
CVE-2024-45195
HIGH
KEV
Apache OFBiz <18.12.16 - Info Disclosure
CVSS 7.5
CVE-2024-7753
MEDIUM
SourceCodester Clinics Patient Management System 1.0 - Info Disclosure
CVSS 5.3
CVE-2024-42001
HIGH
Vonets - Auth Bypass
CVSS 8.6