Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,575 vulnerabilities with CWE-639

CVE-2024-2346 MEDIUM

Ninjateam Filebird < 5.6.4 - IDOR

CVE-2024-24312 HIGH

Vaales Technologies V_QRS <2024-01-17 - Info Disclosure

CVE-2024-33383 HIGH

Xxyopen Novel-plus < 4.3.0 - IDOR

CVE-2024-28320 HIGH

Mayurik Hospital Management System - IDOR

CVE-2024-33542 MEDIUM

Crelly Slider < 1.4.6 - IDOR

CVE-2024-4294 MEDIUM

PHPGurukul Doctor Appointment Management System 1.0 - Improper Cont...

CVE-2024-33668 CRITICAL

Zammad < 6.3.0 - IDOR

CVE-2024-32823 MEDIUM

Blazzdev Rate MY Post < 3.4.5 - IDOR

CVE-2024-32808 MEDIUM

Metagauss Profilegrid < 5.8.0 - IDOR

CVE-2024-32772 MEDIUM

Metagauss Profilegrid < 5.8.0 - IDOR

CVE-2024-32166 HIGH

Webid v1.2.1 - Horizontal Privilege Escalation

CVE-2024-32683 MEDIUM

Wpmet WP Ultimate Review < 2.3.0 - IDOR

CVE-2024-32604 MEDIUM

Plechev Andrey WP-Recall <16.26.5 - Auth Bypass

CVE-2024-1626 HIGH

Lunary < 1.0.0 - IDOR

CVE-2024-22439 MEDIUM

HPE FlexFabric/FlexNetwork - Privilege Escalation

CVE-2024-1625 MEDIUM

CVE-2024-2543 MEDIUM

Permalink Manager Lite < 2.4.3.2 - Missing Authorization

CVE-2024-2261 MEDIUM

WordPress <5.8.2 - Info Disclosure

CVE-2024-1289 MEDIUM

LearnPress - WordPress LMS Plugin <4.2.6.3 - Info Disclosure

CVE-2024-0872 MEDIUM

Watu Quiz <3.4.1 - Info Disclosure

CVE-2024-27630 HIGH

GNU Savane <3.12 - Info Disclosure

CVE-2024-31815 CRITICAL

TOTOLINK EX200 V4.0.3c.7314_B20191204 - Info Disclosure

CVE-2024-31296 MEDIUM

Reputeinfosystems Bookingpress < 1.0.82 - IDOR

CVE-2024-31291 MEDIUM

Metagauss Profilegrid < 5.7.7 - IDOR

CVE-2024-3139 MEDIUM

Oretnom23 Computer Laboratory Management System - Improper Authorization

Previous Page 40 of 63 Next

Details

Vulnerabilities 1,575

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy