Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-425

CWE-425

Direct Request ('Forced Browsing')

Parent: CWE-862 - Missing Authorization

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

223 vulnerabilities with CWE-425

CVE-2019-3933 MEDIUM

Crestron Am-100 Firmware - Improper Access Control

CVE-2019-3916 HIGH

Verizon Fios Quantum Gateway G1100 Firmware - Information Disclosure

CVE-2019-3917 HIGH

Nokia I-240w-q Gpon Ont Firmware - Missing Authentication

CVE-2019-9552 CRITICAL

Eloan V3.0 - Info Disclosure

CVE-2019-6551 HIGH

Pangea Communications Internet FAX ATA <3.1.8 - Auth Bypass

CVE-2019-7736 CRITICAL

D-Link DIR-600M C1 3.04 - Auth Bypass

CVE-2019-6126 HIGH

PHP Scripts Mall Advance Peer to Peer MLM Script <1.7.0 - Auth Bypass

CVE-2018-16060 HIGH

Mitsubishi Electric Europe B.V. SmartRTU - Info Disclosure

CVE-2018-18862 HIGH

BMC Remedy Mid-Tier 7.1.00-9.1.02.003 - Privilege Escalation

CVE-2018-6669 MEDIUM

McAfee Application Control/Change Control <7.0.1 - RCE

CVE-2018-18922 CRITICAL

AbiSoft Ticketly 1.0 - RCE

CVE-2018-19620 MEDIUM

ShowDoc 2.4.1 - XSS

CVE-2018-19207 CRITICAL

Van Ons WP GDPR Compliance <1.4.3 - RCE

CVE-2018-19143 MEDIUM

OTRS <4.0.33-6.0.13 - Privilege Escalation

CVE-2018-19109 HIGH

tianti 2.3 - Auth Bypass

CVE-2018-16706 HIGH

LG SuperSign CMS - DoS

CVE-2018-3774 CRITICAL

Url-parse < 1.4.3 - SSRF

CVE-2018-7526 HIGH

TotalAlert Web App <v4107600010.23 - Info Disclosure

CVE-2018-11346 MEDIUM

ASUSTOR AS6202T ADM 3.1.0.RFQ3 - Info Disclosure

CVE-2018-0267 MEDIUM

Cisco Unified Communications Manager - Information Disclosure

CVE-2018-0266 MEDIUM

Cisco Unified Communications Manager - Information Disclosure

CVE-2018-0198 MEDIUM

Cisco Unified Communications Manager - Info Disclosure

CVE-2018-0140 MEDIUM

Cisco Email Security Appliance Firmware - Information Disclosure

CVE-2018-6624 CRITICAL

OMRON NS <1.4 - Auth Bypass

CVE-2018-0105 MEDIUM

Cisco Unified Communications Manager - Information Disclosure

Previous Page 8 of 9 Next

Details

Vulnerabilities 223

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy