Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,575 vulnerabilities with CWE-639

CVE-2024-31095 MEDIUM

Ricard Torres Thumbs Rating <5.1.0 - Auth Bypass

CVE-2024-30543 MEDIUM

UPQODE Whizz <1.1.18 - Auth Bypass

CVE-2024-30513 MEDIUM

Metagauss Profilegrid < 5.7.3 - IDOR

CVE-2024-30507 LOW

Molongui <4.7.7 - Auth Bypass

CVE-2024-29024 MEDIUM

Fit2cloud Jumpserver < 3.10.6 - IDOR

CVE-2024-29020 MEDIUM

Fit2cloud Jumpserver < 3.10.6 - IDOR

CVE-2024-1313 MEDIUM

Grafana < 9.5.18 - IDOR

CVE-2024-29194 HIGH

OneUptime - Info Disclosure

CVE-2024-2538 MEDIUM

Permalink Manager Lite < 2.4.3.2 - Missing Authorization

CVE-2024-1604 MEDIUM

BMC Control-m < 9.0.20.238 - IDOR

CVE-2024-2577 HIGH

Oretnom23 Employee Task Management System - IDOR

CVE-2024-2576 HIGH

Oretnom23 Employee Task Management System - IDOR

CVE-2024-2575 HIGH

Oretnom23 Employee Task Management System - IDOR

CVE-2024-2574 HIGH

Oretnom23 Employee Task Management System - IDOR

CVE-2024-1640 MEDIUM

Contact Form Builder Plugin <2.10.1 - Info Disclosure

CVE-2024-0839 MEDIUM

FeedWordPress <2022.0222 - Info Disclosure

CVE-2024-23112 HIGH

Fortinet Fortiproxy < 7.0.14 - IDOR

CVE-2024-27302 CRITICAL

go-zero <1.4.4 - SSRF

CVE-2024-1470 HIGH

Netiq Client Login Extension - IDOR

CVE-2024-25983 LOW

Moodle < 4.1.9 - IDOR

CVE-2024-22455 MEDIUM

Dell Mobility - E-Lab Navigator <3.2.0 - Auth Bypass

CVE-2024-0421 MEDIUM

Mappresspro Mappress Maps For Wordpress < 2.88.16 - IDOR

CVE-2024-1075 LOW

Webfactoryltd Minimal Coming Soon & M... - Information Disclosure

CVE-2024-0366 MEDIUM

Squirrly Starbox < 3.4.7 - IDOR

CVE-2024-22305 HIGH

Kali Forms <2.3.36 - Auth Bypass

Previous Page 41 of 63 Next

Details

Vulnerabilities 1,575

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy