Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,574 vulnerabilities with CWE-639

CVE-2024-13429 MEDIUM

WP Job Portal - Insecure Direct Object Reference

CVE-2024-13428 MEDIUM

WP Job Portal <2.2.6 - Insecure Direct Object Reference

CVE-2024-13425 MEDIUM

WP Job Portal <2.2.6 - Insecure Direct Object Reference

CVE-2024-13372 MEDIUM

WP Job Portal <2.2.6 - Insecure Direct Object Reference

CVE-2024-12102 MEDIUM

Seventhqueen Typer Core < 1.9.6 - IDOR

CVE-2024-13694 HIGH

Moreconvert Woocommerce Wishlist < 1.8.8 - Improper Authorization

CVE-2024-13457 MEDIUM

WordPress - Insecure Direct Object Reference

CVE-2024-10497 HIGH

Device - Privilege Escalation

CVE-2024-11146 MEDIUM

TrueFiling <3.1.112.19 - Info Disclosure

CVE-2024-10775 MEDIUM

Piotnet Addons For Elementor <2.4.32 - Info Disclosure

CVE-2024-12116 MEDIUM

Unlimited Theme Addon For Elementor & WooCommerce <1.2.1 - Info Dis...

CVE-2024-11915 MEDIUM

Elementor <1.1.0 - Info Disclosure

CVE-2024-42169 HIGH

Hcltech Dryice Myxalytics - IDOR

CVE-2024-12472 MEDIUM

Metaphorcreations Post Duplicator < 2.37 - IDOR

CVE-2024-10215 CRITICAL

WPBookit <1.6.4 - Privilege Escalation

CVE-2024-44450 MEDIUM

AIMS eCrew - Auth Bypass

CVE-2024-12131 MEDIUM

Wpjobportal WP Job Portal < 2.2.6 - IDOR

CVE-2024-12132 MEDIUM

Wpjobportal WP Job Portal < 2.2.5 - IDOR

CVE-2024-13040 HIGH

Quanta Computer - Auth Bypass

CVE-2024-52294 MEDIUM

Khoj <1.29.10 - IDOR

CVE-2024-12335 MEDIUM

Theme-fusion Avada Builder < 3.11.12 - IDOR

CVE-2024-12103 MEDIUM

Content No Cache: prevent specific content from being cached <0.1.2...

CVE-2024-10797 MEDIUM

Elementor <1.0.7 - Info Disclosure

CVE-2024-55471 MEDIUM

Nuget Oqtane.framework - IDOR

CVE-2024-55186 MEDIUM

Nuget Oqtane.framework - IDOR

Previous Page 32 of 63 Next

Details

Vulnerabilities 1,574

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy