CWE-639
High likelihood
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
1,578 vulnerabilities with CWE-639
CVE-2018-16606
MEDIUM
Proconf < 6.1 - IDOR
CVSS 6.5
CVE-2018-15833
MEDIUM
Vanillaforums Vanilla Forums < 2.6.1 - IDOR
CVSS 4.3
CVE-2018-1000210
HIGH
YamlDotNet <4.3.2 - Code Injection
CVSS 7.8
CVE-2018-10211
MEDIUM
Vaultize Enterprise File Sharing <17.05.31 - Info Disclosure
CVSS 5.3
CVE-2017-20223
CRITICAL
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
CVSS 9.8
CVE-2017-20101
LOW
ProjectSend r754 - Info Disclosure
CVSS 3.5
CVE-2017-3183
HIGH
Sage Xrt Treasury - Incorrect Authorization
CVSS 8.8
CVE-2017-0936
MEDIUM
Nextcloud Server <11.0.7, 12.0.5 - Auth Bypass
CVSS 5.7
CVE-2017-0920
MEDIUM
GitLab <10.1.6, 10.2.6, 10.3.4 - Auth Bypass
CVSS 4.3
CVE-2017-0922
HIGH
GitLab EE <10.3 - Info Disclosure
CVSS 7.5
CVE-2017-15211
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15209
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15208
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15207
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15206
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15204
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15203
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15202
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15201
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15200
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15199
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15197
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15196
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-15195
MEDIUM
Kanboard - IDOR
CVSS 4.3
CVE-2017-0882
MEDIUM
GitLab <8.15.8-8.17.4 - Info Disclosure
CVSS 6.3
Details
Vulnerabilities: 1,578
Exploit Likelihood: High