Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-425

CWE-425

Direct Request ('Forced Browsing')

Parent: CWE-862 - Missing Authorization

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

226 vulnerabilities with CWE-425

CVE-2022-34571 HIGH

Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 - Code Injection

CVE-2022-34570 HIGH

WAVLINK WN579 X3 M79X3.V5030.191012 - Information Disclosure via messages.txt Page

CVE-2022-1551 MEDIUM

SP Project & Document Manager <4.58 - Info Disclosure

CVE-2022-2192 HIGH

HYPR Server <6.15.1 - Privilege Escalation

CVE-2022-29238 MEDIUM

Jupyter Notebook <6.4.12 - Info Disclosure

CVE-2022-31847 HIGH

WAVLINK WN579 X3 M79X3.V5030.180719 - Info Disclosure

CVE-2022-31485 MEDIUM

HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 <1.29 Unauthenticated Home Page Notes Update

CVE-2022-31484 HIGH

HID Mercury Intelligent Controllers <1.29 - DoS

CVE-2022-31480 HIGH

HID Mercury Intelligent Controllers <1.302-1.296 - DoS

CVE-2022-28799 HIGH

TikTok <23.7.3 - Privilege Escalation

CVE-2022-28991 HIGH

Multi Store Inventory Management System v1.0 - Info Disclosure

CVE-2022-26777 MEDIUM

Zoho ManageEngine Remote Access Plus <10.1.2137.15 - Info Disclosure

CVE-2022-26653 MEDIUM

Zoho ManageEngine Remote Access Plus <10.1.2137.15 - Info Disclosure

CVE-2022-27480 HIGH

SICAM A8000 CP-8031 and CP-8050 Firmware < 4.80 - Unauthenticated Arbitrary File Download

CVE-2022-28365 MEDIUM

Reprise License Manager 14.2 - Info Disclosure

CVE-2022-1077 MEDIUM

TEM FLEX-1080 and FLEX-1085 1.6.0 - Unauthenticated Sensitive Information Exposure via Log Handler

CVE-2022-26279 CRITICAL

EyouCMS v1.5.5 - Unauthenticated Direct Request in /data/sqldata

CVE-2022-24385 MEDIUM

SmarterTrack 100.0.8019.14010 - Info Disclosure

CVE-2022-26159 MEDIUM

Ametys CMS <4.5.0 - Info Disclosure

CVE-2022-23607 MEDIUM

treq 21.1.0-22.1.0 - Exposure of Sensitive Information via Supercookies

CVE-2021-40616 MEDIUM

thinkcmf <5.1.7 - Privilege Escalation

CVE-2021-44582 HIGH

Sourcecodester Money Transfer Management System 1.0 - Privilege Escalation via Forced Browsing

CVE-2021-34588 HIGH

Bender CC612 and ICC15xx Firmware 5.11.0-5.11.1 - Unauthenticated Sensitive Data Exposure via Backup Export

CVE-2021-46378 HIGH

DLink DIR850 ET850-1.08TRb03 - Info Disclosure

CVE-2021-24046 MEDIUM

Ray-Ban Stories <2107460.6810.0 - Info Disclosure

Previous Page 5 of 10 Next

Details

Vulnerabilities 226

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy