Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,570 vulnerabilities with CWE-639

CVE-2026-4160 MEDIUM

Fluent Forms < 6.1.21 - IDOR

CVE-2026-40784 HIGH

WordPress FluentBoards plugin <= 1.91.2 - Insecure Direct Object References (IDOR) vulnerability

CVE-2026-40737 MEDIUM

WordPress COMPE plugin <= 1.1.4 - Insecure Direct Object References (IDOR) vulnerability

CVE-2026-5617 HIGH

Login as User <= 1.0.3 - Authenticated (Subscriber+) Privilege Escalation via 'oclaup_original_admin' Cookie

CVE-2026-1541 MEDIUM

Avada (Fusion) Builder <= 3.15.1 - Authenticated (Subscriber+) Sensitive Information Exposure via Insecure Direct Object Reference

CVE-2026-34602 HIGH

Chamilo LMS: IDOR in /api/course_rel_users Allows Unauthorized Enrollment of Arbitrary Users into Courses

CVE-2026-34370 MEDIUM

Chamilo LMS: IDOR in the Notebook Module allows an attacker to view other users' private notes

CVE-2026-34213 MEDIUM

Docmost has cross-page attachment overwrite via flawed attachmentId overwrite validation

CVE-2026-38532 HIGH

Webkul Krayin CRM 2.2.x - Auth Bypass

CVE-2026-38530 HIGH

Webkul Krayin CRM 2.2.x - BOLA

CVE-2026-38529 HIGH

Webkul Krayin CRM 2.2.x - Auth Bypass

CVE-2026-25654 HIGH

Siemens SINEC NMS <V4.0 SP3 - Auth Bypass

CVE-2026-33740 MEDIUM

EspoCRM: Email importEml can import and delete another user's attachment by raw fileId

CVE-2026-40043 MEDIUM

Pachno 1.0.6 Authentication Bypass via runSwitchUser()

CVE-2026-3371 MEDIUM

Tutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content Modification

CVE-2026-40252 HIGH

Broken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPT

CVE-2026-33736 MEDIUM

Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure

CVE-2026-33703 MEDIUM

Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data and API Tokens

CVE-2026-33702 HIGH

Chamilo LMS has an Insecure Direct Object Reference (IDOR)

CVE-2026-33141 MEDIUM

Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data

CVE-2026-32930 HIGH

Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Evaluation Edit Without Ownership Check

CVE-2026-32894 HIGH

Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Deletion of Any Student's Grade Result

CVE-2026-29002 HIGH

CouchCMS Privilege Escalation via f_k_levels_list Parameter

CVE-2026-39942 HIGH

Directus has a Path Traversal and Broken Access Control in File Management API

CVE-2026-5842 HIGH

decolua 9router Administrative API Endpoint api authorization

Previous Page 3 of 63 Next

Details

Vulnerabilities 1,570

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy