Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,572 vulnerabilities with CWE-639

CVE-2025-67298 HIGH

ClasroomIO <0.2.6 - Privilege Escalation

CVE-2025-62166 HIGH

FreshRSS <1.28.0 - Auth Bypass

CVE-2025-58402 HIGH

CGM CLININET - Auth Bypass

CVE-2025-14742 MEDIUM

WP Recipe Maker <=10.2.3 - Info Disclosure

CVE-2025-40541 CRITICAL

Serv-U - Privilege Escalation

CVE-2025-70833 CRITICAL

Smanga 3.2.7 - Auth Bypass

CVE-2025-15582 MEDIUM

detronetdip E-commerce 1.0.0 - Auth Bypass

CVE-2025-69394 HIGH

Cnvrse <=026.02.10.20 - Auth Bypass

CVE-2025-68514 MEDIUM

Paid Member Subscriptions <=2.16.8 - Auth Bypass

CVE-2025-68051 HIGH

Shiprocket <=2.0.8 - Auth Bypass

CVE-2025-9062 HIGH

Envanty <1.0.6 - Auth Bypass

CVE-2025-13842 MEDIUM

Breadcrumb NavXT <=7.5.0 - Auth Bypass

CVE-2025-70063 MEDIUM

PHPGurukul HMS 4.0 - IDOR

CVE-2025-12071 MEDIUM

WordPress Frontend User Notes <=2.1.0 - IDOR

CVE-2025-69752 MEDIUM

Ideagen Q-Pulse 7.1.0.32 - Info Disclosure

CVE-2025-13004 MEDIUM

Farktor Software E-Commerce Services Inc. E-Commerce Package <2.711...

CVE-2025-14594 LOW

GitLab CE/EE <18.6.6-18.8.4 - Info Disclosure

CVE-2025-15096 HIGH

Videospirecore Theme Plugin <1.0.6 - Privilege Escalation

CVE-2025-10912 MEDIUM

Saastech TemizlikYolda <11022026 - Auth Bypass

CVE-2025-7347 HIGH

Dinibh Patrol Tracking System <10022026 - Auth Bypass

CVE-2025-12063 MEDIUM

Product <Version - Info Disclosure

CVE-2025-15147 MEDIUM

WCFM Membership - WooCommerce Memberships <2.11.8 - Insecure Direct...

CVE-2025-69207 MEDIUM

Pypi Khoj - IDOR

CVE-2025-36365 MEDIUM

IBM Db2 < 11.5.9 - IDOR

CVE-2025-7013 MEDIUM

QR Menu Pro Smart Menu Systems Menu Panel <29012026 - Auth Bypass

Previous Page 14 of 63 Next

Details

Vulnerabilities 1,572

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy