Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-425

CWE-425

Direct Request ('Forced Browsing')

Parent: CWE-862 - Missing Authorization

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

223 vulnerabilities with CWE-425

CVE-2020-8439 MEDIUM

Monstra CMS <3.0.4 - Privilege Escalation

CVE-2019-20484 HIGH

Viki Vera <4.9.1.26180 - Info Disclosure

CVE-2019-25012 HIGH

Webform Report <7.x-1.x-dev - Info Disclosure

CVE-2019-12768 CRITICAL

D-Link DAP-1650 <1.04B02_J65H - Auth Bypass

CVE-2019-2388 MEDIUM

MongoDB Ops Manager <4.0.9-4.1.5 - Info Disclosure

CVE-2019-17646 HIGH

Centreon <19.10.2 - Info Disclosure

CVE-2019-17645 HIGH

Centreon <2.8.31, 18.10.9, 19.04.6, 19.10.3 - Info Disclosure

CVE-2019-17644 HIGH

Centreon <2.8-30, 18.10-8, 19.04-5, 19.10-2 - Info Disclosure

CVE-2019-17643 HIGH

Centreon <2.8-30,18.10-8,19.04-5,19.10-2 - Info Disclosure

CVE-2019-16388 MEDIUM

PEGA Platform 8.3.0 - Info Disclosure

CVE-2019-16386 MEDIUM

PEGA Platform 7.x-8.x - Info Disclosure

CVE-2019-16340 CRITICAL

Belkin Linksys Velop <1.1.8.192419 - Info Disclosure

CVE-2019-14927 HIGH

Mitsubishielectric Smartrtu Firmware < 2.02 - Missing Authentication

CVE-2019-17503 MEDIUM

Kirona DRS 5.5.3.5 - Info Disclosure

CVE-2019-11326 HIGH

Topcon Positioning Net-G5 GNSS Receiver <5.2.2 - Info Disclosure

CVE-2019-1220 MEDIUM

Microsoft Browser - Auth Bypass

CVE-2019-9584 CRITICAL

eQ-3 Homematic AddOn 'CloudMatic' - Privilege Escalation

CVE-2019-13030 HIGH

eQ-3 Homematic CCU3 - Info Disclosure

CVE-2019-14347 HIGH

Schben Adive 2.0.7 - RCE

CVE-2019-9884 CRITICAL

eClass platform < ip.2.5.10.2.1 - Auth Bypass

CVE-2019-13981 MEDIUM

Directus 7 API <2.3.0 - Info Disclosure

CVE-2019-12583 CRITICAL

Zyxel Uag2100 Firmware < 4.18\(aaiz.1\)c0 - Denial of Service

CVE-2019-1899 MEDIUM

Cisco RV110W/RV130W/RV215W - Info Disclosure

CVE-2019-1898 MEDIUM

Cisco RV110W, RV130W, and RV215W - Info Disclosure

CVE-2019-3934 MEDIUM

Crestron Am-100 Firmware - Improper Access Control

Previous Page 7 of 9 Next

Details

Vulnerabilities 223

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy