Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-472

CWE-472

External Control of Assumed-Immutable Web Parameter

Parent: CWE-642 - External Control of Critical State Data

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

75 vulnerabilities with CWE-472

CVE-2024-50703 MEDIUM

TeamPass <3.1.3.1 - Privilege Escalation

CVE-2024-12123 MEDIUM

Issuetrak 17.1 - Auth Bypass

CVE-2024-7025 HIGH

Google Chrome < 129.0.6668.89 - Integer Overflow

CVE-2024-9123 HIGH

Google Chrome < 129.0.6668.70 - Integer Overflow

CVE-2024-6010 MEDIUM

Cost Calculator Builder PRO <3.2.1 - Info Disclosure

CVE-2024-3649 MEDIUM

The Contact Form by WPForms - WordPress <1.8.7.2 - Info Disclosure

CVE-2024-25153 CRITICAL

FileCatalyst Workflow Web Portal - Path Traversal

CVE-2024-22049 MEDIUM

httparty <0.21.0 - Info Disclosure

CVE-2023-38520 MEDIUM

PINPOINT.WORLD Pinpoint Booking System <2.9.9.3.4 - XSS

CVE-2023-24373 LOW

WpDevArt Booking calendar <3.2.3 - XSS

CVE-2023-28512 MEDIUM

IBM Watson CP4D Data Stores <4.6.3 - Info Disclosure

CVE-2022-30597 MEDIUM

Moodle - Info Disclosure

CVE-2021-27770 MEDIUM

FaviconService - Info Disclosure

CVE-2021-27769 MEDIUM

Information Disclosure - Info Disclosure

CVE-2021-1295 CRITICAL

Cisco Small Business VPN Routers - RCE

CVE-2021-1294 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2021-1293 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2021-1292 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2021-1291 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2021-1290 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2021-1289 CRITICAL

Cisco Small Business RV160-260 - RCE

CVE-2020-1765 LOW

OTRS <5.0.39, <6.0.24, <7.0.13 - Info Disclosure

CVE-2019-13927 MEDIUM

Desigo PX - Path Traversal

CVE-2017-5261 HIGH

Cambium Networks cnPilot <4.3.2-R4 - Path Traversal

CVE-2017-5260 HIGH

Cambium Networks cnPilot <4.3.2-R4 - Info Disclosure

Previous Page 3 of 3

Details

Vulnerabilities 75

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy