Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,574 vulnerabilities with CWE-639

CVE-2024-55506 HIGH

Codeastro Complaint Management System - IDOR

CVE-2024-55231 MEDIUM

Phpgurukul Online Notes Sharing Management System - IDOR

CVE-2024-4464 HIGH

Synology Media Server <2.2.0-3325 - Auth Bypass

CVE-2024-12061 MEDIUM

Nicheaddons Events Addon For Elementor < 2.2.4 - IDOR

CVE-2024-9819 MEDIUM

NextGeography NG Analyser <2.2.711 - Auth Bypass

CVE-2024-10690 MEDIUM

Elementor <1.0.4 - Info Disclosure

CVE-2024-12447 MEDIUM

Get Post Content Shortcode <0.4 - Insecure Direct Object Reference

CVE-2024-12309 MEDIUM

Rate My Post - Star Rating Plugin <4.2.4 - Info Disclosure

CVE-2024-11275 MEDIUM

WP Timetics <1.0.27 - Info Disclosure

CVE-2024-11181 MEDIUM

Greenshiftwp Greenshift - Animation And Page Builder Blocks - IDOR

CVE-2024-12059 MEDIUM

Elementinvader Addons For Elementor < 1.3.2 - IDOR

CVE-2024-12483 LOW

Ujcms < 9.6.3 - Improper Authorization

CVE-2024-12306 MEDIUM

Unifiedtransform 2.0 - Info Disclosure

CVE-2024-12305 MEDIUM

Unifiedtransform 2.0 - Info Disclosure

CVE-2024-10692 MEDIUM

PowerPack Elementor Addons <2.8.1 - Info Disclosure

CVE-2024-10689 MEDIUM

XLTab - Info Disclosure

CVE-2024-10777 MEDIUM

AnyWhere Elementor <1.2.11 - Info Disclosure

CVE-2024-10787 MEDIUM

La-studioweb La-studio Element Kit For Elementor < 1.4.5 - IDOR

CVE-2024-12099 MEDIUM

Dollie Hub - Info Disclosure

CVE-2024-42422 HIGH

Dell NetWorker 19.10 - Info Disclosure

CVE-2024-12062 MEDIUM

Nicheaddons Charity Addon For Elementor < 1.3.3 - IDOR

CVE-2024-53617 MEDIUM

LibrePhotos <commit 32237 - XSS

CVE-2024-38827 MEDIUM

Org.springframework.security Spring-security-core < 5.7.14 - IDOR

CVE-2024-10798 MEDIUM

Royal-elementor-addons Royal Elementor Addons < 1.7.1003 - IDOR

CVE-2024-10780 MEDIUM

Nicheaddons Restaurant & Cafe Addon For Elementor < 1.6.0 - IDOR

Previous Page 33 of 63 Next

Details

Vulnerabilities 1,574

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy