The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
223 vulnerabilities with CWE-425
CVE-2017-17736
CRITICAL
Kentico - Installer Privilege Escalation
CVSS 9.8
CVE-2017-14993
HIGH
OXID eShop <6.0.0 RC3, <4.10.6, <4.9.11 - Info Disclosure
CVSS 7.5
CVE-2017-15235
HIGH
Horde Groupware <5.2.21 - Auth Bypass
CVSS 7.5
CVE-2017-14244
CRITICAL
iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 - Auth Bypass
CVSS 9.8
CVE-2017-10833
CRITICAL
Dokodemo eye Smart HD <1.0.3.1000 - Auth Bypass
CVSS 9.1
CVE-2017-2161
LOW
FlashAir™ SDHC - Auth Bypass
CVSS 3.5
CVE-2017-2143
MEDIUM
CS-Cart Japanese Edition <4.3.10-jp-1 - Auth Bypass
CVSS 5.3
CVE-2017-2139
MEDIUM
CS-Cart Japanese Edition <4.3.10 - Auth Bypass
CVSS 5.3
CVE-2017-2486
MEDIUM
Apple <10.3 - CSRF
CVSS 6.5
CVE-2016-1000111
MEDIUM
Twisted <16.3.1 - SSRF
CVSS 5.3
CVE-2015-1313
MEDIUM
JetBrains TeamCity <9.0.2 - Auth Bypass
CVSS 6.5
CVE-2015-2873
Trend Micro Deep Discovery Inspector <3.5.1477-<3.8.1263 - Info Dis...
CVE-2005-1892
Flatnuke < 2.5.3 - Denial of Service
CVE-2005-1827
D-Link DSL-504T - Auth Bypass
CVE-2005-1697
PostNuke <0.760 - Info Disclosure
CVE-2005-1698
PostNuke 0.750-0.760RC3 - Info Disclosure
CVE-2005-1685
episodex Guestbook - Auth Bypass
CVE-2005-1688
MEDIUM
WordPress <1.5 - Info Disclosure
CVSS 5.3
CVE-2005-1654
Hosting Controller <6.1.9 - RCE
CVE-2005-1668
YusASP Web Asset Manager 1.0 - Privilege Escalation
CVE-2004-2144
Baal Smart Forms <3.2 - Auth Bypass
CVE-2004-2257
MEDIUM
phpMyFAQ 1.4.0 - Info Disclosure
CVSS 5.3
CVE-2002-1798
CRITICAL
MidiCart PHP - RCE
CVSS 9.1