CWE-639
High likelihood
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
1,575 vulnerabilities with CWE-639
CVE-2024-6357
MEDIUM
OpenText ArcSight Intelligence - Info Disclosure
CVSS 6.3
CVE-2024-7438
MEDIUM
SimpleMachines SMF 2.1.4 - Improper Control of Resource Identifiers
CVSS 4.3
CVE-2024-7437
MEDIUM
SimpleMachines SMF 2.1.4 - Improper Control of Resource Identifiers
CVSS 5.4
CVE-2024-41254
MEDIUM
Litestream < 0.3.13 - IDOR
CVSS 5.3
CVE-2024-38701
MEDIUM
Academy LMS <2.0.4 - Auth Bypass
CVSS 4.3
CVE-2024-34457
MEDIUM
Flink <2.1.4 - Info Disclosure
CVSS 6.5
CVE-2024-5977
MEDIUM
Givewp < 3.14.0 - IDOR
CVSS 5.4
CVE-2024-5619
CRITICAL
PruvaSoft Informatics Apinizer Mgmt Console <2024.05.1 - Auth Bypass
CVSS 9.6
CVE-2024-38447
HIGH
NATO NCI ANET 3.4.1 - Info Disclosure
CVSS 8.1
CVE-2024-38446
MEDIUM
NATO NCI ANET 3.4.1 - Privilege Escalation
CVSS 6.5
CVE-2024-6410
MEDIUM
Metagauss Profilegrid < 5.9.0 - IDOR
CVSS 4.3
CVE-2024-39901
MEDIUM
Opensearch Observability < 2.14 - IDOR
CVSS 4.2
CVE-2024-39900
MEDIUM
Opensearch Observability < 2.14 - IDOR
CVSS 5.4
CVE-2024-39897
MEDIUM
Zot < 2.1.0 - IDOR
CVSS 4.3
CVE-2024-21759
MEDIUM
Fortinet Fortiportal < 7.0.7 - IDOR
CVSS 4.3
CVE-2024-4341
MEDIUM
Extremepacs Extreme Xds < 3928 - Missing Authorization
CVSS 6.5
CVE-2024-39321
HIGH
Traefik < 2.11.6 - IDOR
CVSS 7.5
CVE-2024-39223
CRITICAL
Ginuerzh Gost - IDOR
CVSS 9.8
CVE-2024-31898
MEDIUM
IBM InfoSphere Information Server 11.7 - Auth Bypass
CVSS 5.4
CVE-2024-5942
MEDIUM
Carlosfazenda Page And Post Clone < 6.1 - IDOR
CVSS 4.3
CVE-2024-1107
CRITICAL
Talya Informatics Travel APPS <v17.0.68 - Auth Bypass
CVSS 9.8
CVE-2024-4874
MEDIUM
Bricks < 1.9.9 - IDOR
CVSS 4.3
CVE-2024-5639
MEDIUM
WordPress <2.6.1 - Insecure Direct Object Reference
CVSS 4.3
CVE-2024-4873
MEDIUM
WordPress Replace Image <1.1.10 - Insecure Direct Object Reference
CVSS 4.3
CVE-2024-37889
MEDIUM
Treyww Myfinances < 0.4.6 - IDOR
CVSS 6.5
Details
Vulnerabilities: 1,575
Exploit Likelihood: High