Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,573 vulnerabilities with CWE-639

CVE-2025-34293 HIGH

GN4 Publishing System <2.6 - Info Disclosure

CVE-2025-11957 HIGH

Devolutions Server < 2025.2.14.0 - IDOR

CVE-2025-49952 MEDIUM

Houzez <4.1.1 - Auth Bypass

CVE-2025-6833 MEDIUM

All in One Time Clock Lite - WordPress <2.0 - Insecure Direct Objec...

CVE-2025-10570 MEDIUM

WooCommerce Flexible Refund Return Order <1.0.38 - Auth Bypass

CVE-2025-60511 MEDIUM

Moodle OpenAI Chat Block plugin 3.0.1 - IDOR

CVE-2025-8884 MEDIUM

VHS Electronic Software Ltd. Co. ACE Center <3.10.161.2255 - Privil...

CVE-2025-11741 MEDIUM

WPC Smart Quick View <4.2.5 - Info Disclosure

CVE-2025-11519 MEDIUM

Optimole <4.1.0 - Insecure Direct Object Reference

CVE-2025-11517 HIGH

WordPress Event Tickets & Registration <5.26.5 - Auth Bypass

CVE-2025-11895 MEDIUM

Binary MLM Plan <3.0 - Info Disclosure

CVE-2025-9559 MEDIUM

Pega Platform <Infinity - Info Disclosure

CVE-2025-41020 HIGH

Sergestec Exito - IDOR

CVE-2025-10742 CRITICAL

Truelysell Core <1.8.6 - Privilege Escalation

CVE-2025-11176 MEDIUM

Quick Featured Images <13.7.2 - Insecure Direct Object Reference

CVE-2025-40773 LOW

Siemens Sipass Integrated < 3.00 - IDOR

CVE-2025-62252 MEDIUM

Liferay Digital Experience Platform < 7.4 - IDOR

CVE-2025-62242 MEDIUM

Liferay Digital Experience Platform < 7.4.3.112 - IDOR

CVE-2025-62241 MEDIUM

Liferay Digital Experience Platform < 4.0.114 - IDOR

CVE-2025-62244 MEDIUM

Liferay Digital Experience Platform < 2023.q3.9 - IDOR

CVE-2025-9902 HIGH

AKIN Software Computer Import Export Industry and Trade Co. Ltd. QR...

CVE-2025-31997 MEDIUM

Hcltech Unica Centralized Offer Management < 25.1.0.1 - IDOR

CVE-2025-11518 MEDIUM

WPC Smart Wishlist <5.0.3 - Insecure Direct Object Reference

CVE-2025-8887 MEDIUM

Usta Information Systems Inc. Aybs Interaktif - Info Disclosure

CVE-2025-61779 HIGH

Confidential Containers Trustee <0.15.0 - Auth Bypass

Previous Page 21 of 63 Next

Details

Vulnerabilities 1,573

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy