CWE-639

Exploit likelihood: High

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,575 vulnerabilities with CWE-639
CVE-2023-1462 HIGH
Vadi Corporate Information Systems DigiKent <23.03.20 - Auth Bypass
CVSS 8.8
CVE-2023-0865 HIGH
Woocommerce Multiple Customer Addresses & Shipping < 21.7 - IDOR
CVSS 8.8
CVE-2023-1463 MEDIUM
nilsteampassnet/teampass <3.0.0.23 - Auth Bypass
CVSS 5.4
CVE-2023-28109 MEDIUM
Play-with-docker Play With Docker - IDOR
CVSS 6.5
CVE-2023-25403 HIGH
Yf-exam - IDOR
CVSS 7.5
CVE-2023-0882 HIGH
Krontech Single Connect < 2.16.1 - IDOR
CVSS 8.8
CVE-2023-25160 MEDIUM
Nextcloud Mail < 1.11.8 - IDOR
CVSS 4.1
CVE-2023-0558 HIGH
ContentStudio plugin <1.2.5 - Auth Bypass
CVSS 8.2
CVE-2023-0550 HIGH
Quick Restaurant Menu <2.0.2 - Privilege Escalation
CVSS 8.1
CVE-2023-22471 LOW
Nextcloud Deck < 1.6.5 - IDOR
CVSS 3.5
CVE-2022-3459 MEDIUM
Lilmonkee Woocommerce Multiple Free Gift < 1.2.3 - IDOR
CVSS 5.3
CVE-2022-43450 MEDIUM
XWP Stream - Auth Bypass
CVSS 4.3
CVE-2022-24401 HIGH
TETRA - Info Disclosure
CVSS 8.8
CVE-2022-24400 HIGH
TETRA - Privilege Escalation
CVSS 7.5
CVE-2022-42175 HIGH
Soluslabs Solusvm - IDOR
CVSS 8.8
CVE-2022-48505 MEDIUM
Apple Macos < 13.0 - IDOR
CVSS 5.5
CVE-2022-36247 CRITICAL
Shop Beat Media Player <3.2.57 - Open Redirect
CVSS 9.1
CVE-2022-48313 MEDIUM
Huawei Emui - IDOR
CVSS 6.5
CVE-2022-45175 MEDIUM
Liveboxcloud Vdesk < 018 - IDOR
CVSS 6.5
CVE-2022-34138 HIGH
Biltema IP and Baby Camera Software <v124 - Info Disclosure
CVSS 7.5
CVE-2022-45927 HIGH
Opentext Extended Ecm < 22.4 - IDOR
CVSS 8.8
CVE-2022-40319 HIGH
Lsoft Listserv - IDOR
CVSS 7.5
CVE-2022-4812 MEDIUM
GitHub repository usememos/memos <0.9.1 - Auth Bypass
CVSS 6.5
CVE-2022-4811 HIGH
usememos/memos <0.9.1 - Auth Bypass
CVSS 8.3
CVE-2022-4806 MEDIUM
GitHub usememos/memos <0.9.1 - Auth Bypass
CVSS 5.3