Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,573 vulnerabilities with CWE-639

CVE-2025-0670 MEDIUM

Akinsoft ProKuafor <1.02.08 - Auth Bypass

CVE-2025-56254 MEDIUM

Phpgurukul Employee Leave Management System - IDOR

CVE-2025-0640 MEDIUM

Akinsoft OctoCloud <1.11.01 - Auth Bypass

CVE-2025-8447 LOW

Github Enterprise Server < 3.14.17 - IDOR

CVE-2025-45968 CRITICAL

System Pdv - IDOR

CVE-2025-55621 MEDIUM

Reolink v4.54.0.4.20250526 - IDOR

CVE-2025-57886 MEDIUM

Equalize Digital Accessibility Checker <1.30.0 - Auth Bypass

CVE-2025-55370 HIGH

jshERP <3.5 - Info Disclosure

CVE-2025-9264 MEDIUM

Xuxueli xxl-job <3.1.1 - Info Disclosure

CVE-2025-9263 MEDIUM

Xuxueli xxl-job <3.1.1 - Info Disclosure

CVE-2025-5261 HIGH

Pik Online <3.1.5 - Auth Bypass

CVE-2025-53208 HIGH

Maya Business <1.2.0 - Auth Bypass

CVE-2025-55737 MEDIUM

flaskBlog <2.8.0 - Info Disclosure

CVE-2025-43732 LOW

Liferay Digital Experience Platform < 2024.Q1.18 - IDOR

CVE-2025-54691 MEDIUM

Stylemix Motors <1.4.80 - Auth Bypass

CVE-2025-8770 MEDIUM

Gitlab < 18.0.6 - IDOR

CVE-2025-3089 MEDIUM

ServiceNow AI Platform - Privilege Escalation

CVE-2025-8794 MEDIUM

Litmus < 3.19.0 - Improper Authorization

CVE-2025-8789 MEDIUM

Portabilis I-educar < 2.9.0 - Improper Authorization

CVE-2025-8755 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Authorization

CVE-2025-4796 HIGH

Themewinter Eventin < 4.0.35 - IDOR

CVE-2025-36023 MEDIUM

IBM Cloud Pak For Business Automation - IDOR

CVE-2025-51533 MEDIUM

Sagedpw Sage Dpw < 2025_06_000 - IDOR

CVE-2025-46387 HIGH

Unknown Product - Auth Bypass

CVE-2025-46386 HIGH

Emby MediaBrowser 4.9.0.35 - Authorization Bypass Through User-Controlled Key

Previous Page 24 of 63 Next

Details

Vulnerabilities 1,573

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy