Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-425

CWE-425

Direct Request ('Forced Browsing')

Parent: CWE-862 - Missing Authorization

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

223 vulnerabilities with CWE-425

CVE-2021-42671 HIGH

Sourcecodester Engineers Online Portal - Auth Bypass

CVE-2021-36560 CRITICAL

Phone Shop Sales Managements System <1.0 - Auth Bypass

CVE-2021-36745 CRITICAL

Trend Micro ServerProtect - Auth Bypass

CVE-2021-40875 HIGH

Gurock TestRail <7.2.0.3014 - Info Disclosure

CVE-2021-26085 MEDIUM KEV

Atlassian Confluence Server <7.4.10, >7.5.0-7.12.2 - Info Disclosure

CVE-2021-20114 HIGH

TCExam <= 14.8.1 - Info Disclosure

CVE-2021-28150 MEDIUM

Hongdian H8922 3.0.5 - Information Disclosure

CVE-2021-24238 MEDIUM

Purethemes Findeo < 1.3.1 - Improper Access Control

CVE-2021-24215 CRITICAL

Wpruby Controlled Admin Access < 1.5.2 - Improper Access Control

CVE-2021-30144 MEDIUM

GLPI Dashboard <1.0.2 - Auth Bypass

CVE-2021-22180 MEDIUM

GitLab <13.4 - Info Disclosure

CVE-2021-3113 HIGH

Netsia SEBA+ <0.16.1 build 70-e669dcd7 - Info Disclosure

CVE-2020-35570 MEDIUM

MymbCONNECT24 <2.11.2 - Info Disclosure

CVE-2020-35391 CRITICAL

Tenda N300 F3 12.01.01.48 - Info Disclosure

CVE-2020-13474 MEDIUM

NCH Express Accounts <8.24 - Privilege Escalation

CVE-2020-7541 MEDIUM

Modicon - Info Disclosure

CVE-2020-29656 HIGH

RT-AC88U Download Master <3.1.0.108 - Info Disclosure

CVE-2020-28937 HIGH

Openclinic - Missing Authentication

CVE-2020-24765 HIGH

InterMind iMind Server <3.13.65 - Info Disclosure

CVE-2020-26150 HIGH

Logaritmo Aware CallManager 2012 - Info Disclosure

CVE-2020-24660 CRITICAL

LemonLDAP::NG <2.0.8 - Auth Bypass

CVE-2020-24203 CRITICAL

Projects World Travel Management System v1.0 - RCE

CVE-2020-13850 HIGH

Artica Pandora FMS 7.44 - Info Disclosure

CVE-2020-11561 HIGH

NCH Express Invoice 7.25 - Privilege Escalation

CVE-2020-10248 HIGH

BWA DiREX-Pro <1.2181 - Info Disclosure

Previous Page 6 of 9 Next

Details

Vulnerabilities 223

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy