Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,574 vulnerabilities with CWE-639

CVE-2025-27929 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27927 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27719 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27575 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27565 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27561 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-26857 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-25276 MEDIUM

Growatt Cloud Portal <= 3.6.0 - Device Hijacking

CVE-2025-24850 MEDIUM

Growatt Cloud Portal <= 3.6.0 - Information Disclosure

CVE-2025-24315 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-31949 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-31941 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-31933 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-31357 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-30514 MEDIUM

Smart Device Collections - Info Disclosure

CVE-2025-30254 MEDIUM

Growatt Cloud Portal <= 3.6.0 - Information Disclosure

CVE-2025-27939 HIGH

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27938 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-27568 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-24487 MEDIUM

Growatt Cloud Portal < 3.6.0 - IDOR

CVE-2025-3575 HIGH

Deporsite - Info Disclosure

CVE-2025-3574 HIGH

Deporsite - Info Disclosure

CVE-2025-3537 MEDIUM

Tutorials-website Employee Management System - Improper Authorization

CVE-2025-3536 MEDIUM

Tutorials-website Employee Management System - Improper Authorization

CVE-2025-3292 MEDIUM

WordPress <4.1.3 - Insecure Direct Object Reference

Previous Page 28 of 63 Next

Details

Vulnerabilities 1,574

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy