Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,574 vulnerabilities with CWE-639

CVE-2024-8601 MEDIUM

TechExcel Back Office Software <1.0.0 - Info Disclosure

CVE-2024-8428 HIGH

ForumWP - Privilege Escalation

CVE-2024-1744 HIGH

Accordors Accord Ors < 7.3.2.1 - Missing Authorization

CVE-2024-8292 CRITICAL

Plechevandrey Wp-recall < 16.26.9 - IDOR

CVE-2024-8123 MEDIUM

WP Extended <3.0.8 - Insecure Direct Object Reference

CVE-2024-45232 MEDIUM

powermail <12.3.5 - IDOR

CVE-2024-40395 MEDIUM

PTC ThingWorx <9.5.0 - Info Disclosure

CVE-2024-43916 MEDIUM

Dylanjkotze Zephyr Project Manager < 3.3.103 - IDOR

CVE-2024-8158 MEDIUM

lib9p - Privilege Escalation

CVE-2024-7848 MEDIUM

Mediajedi User Private Files < 2.1.1 - IDOR

CVE-2024-43350 MEDIUM

Propovoice CRM <1.7.6.4 - Auth Bypass

CVE-2024-43322 MEDIUM

Dylan James Zephyr Project Manager <3.3.100 - Auth Bypass

CVE-2024-43315 HIGH

Stripe Payments For WooCommerce <1.9.1 - Auth Bypass

CVE-2024-43288 MEDIUM

wpForo Forum <2.3.4 - Auth Bypass

CVE-2024-43266 MEDIUM

WP Job Portal <2.1.6 - Auth Bypass

CVE-2024-43239 MEDIUM

Masteriyo - LMS <1.11.4 - Auth Bypass

CVE-2024-42464 MEDIUM

upKeeper Manager <5.1.9 - Auth Bypass

CVE-2024-42463 MEDIUM

upKeeper Manager <5.1.9 - Auth Bypass

CVE-2024-27730 CRITICAL

Friendica <2023.12 - RCE

CVE-2024-6534 MEDIUM

Directus v10.13.0 - Privilege Escalation

CVE-2024-21981 MEDIUM

AMD Secure Processor - Info Disclosure

CVE-2024-39642 MEDIUM

ThimPress LearnPress <4.2.6.8.2 - Auth Bypass

CVE-2024-7658 MEDIUM

projectsend <r1605 - Info Disclosure

CVE-2024-3035 MEDIUM

Gitlab < 17.0.6 - IDOR

CVE-2024-6357 MEDIUM

OpenText ArcSight Intelligence - Info Disclosure

Previous Page 37 of 63 Next

Details

Vulnerabilities 1,574

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy