Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,575 vulnerabilities with CWE-639

CVE-2022-39018 HIGH

M-Files Hubshare <3.3.11.3 - Info Disclosure

CVE-2022-31692 CRITICAL

Vmware Spring Security < 5.6.9 - IDOR

CVE-2022-36966 MEDIUM

Solarwinds Orion Platform < 2020.2.6 - IDOR

CVE-2022-33077 HIGH

NopCommerce <4.50.2 - Info Disclosure

CVE-2022-41479 HIGH

DevExpress ASP.NET Web Forms Build v19.2.3 - Info Disclosure

CVE-2022-3331 LOW

GitLab EE <15.1.6-15.3.2 - Info Disclosure

CVE-2022-3282 MEDIUM

WordPress Drag and Drop Multiple File Upload <1.3.6.5 - Info Disclo...

CVE-2022-42067 MEDIUM

Oretnom23 Online Birth Certificate Management System - IDOR

CVE-2022-2828 MEDIUM

Octopus Server - Info Disclosure

CVE-2022-1613 MEDIUM

10up Restricted Site Access < 7.3.2 - IDOR

CVE-2022-40186 CRITICAL

Hashicorp Vault < 1.9.9 - IDOR

CVE-2022-1580 MEDIUM

Freehtmldesigns Site Offline < 1.5.3 - IDOR

CVE-2022-2913 MEDIUM

Login NO Captcha Recaptcha < 1.7 - IDOR

CVE-2022-2877 MEDIUM

Titan Anti-spam & Security <7.3.1 - Info Disclosure

CVE-2022-38789 CRITICAL

Airties Smart Wi-Fi <2020-08-04 - SSRF

CVE-2022-36539 HIGH

Ouderapp <1.1.22 - Info Disclosure

CVE-2022-32277 MEDIUM

Squiz Matrix - IDOR

CVE-2022-36202 CRITICAL

Doctor's Appointment System 1.0 - Info Disclosure

CVE-2022-2080 MEDIUM

Automattic Sensei Lms < 4.5.2 - IDOR

CVE-2022-2034 MEDIUM

Automattic Sensei Lms < 4.5.0 - IDOR

CVE-2022-3019 HIGH

App - Privilege Escalation

CVE-2022-34775 MEDIUM

Tabit < 3.27.0 - IDOR

CVE-2022-34770 MEDIUM

Tabit < 3.27.0 - IDOR

CVE-2022-2312 MEDIUM

Student Result or Employee Database WordPress <1.7.5 - CSRF

CVE-2022-2198 MEDIUM

WPQA Builder <5.7 - Info Disclosure

Previous Page 51 of 63 Next

Details

Vulnerabilities 1,575

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy