Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/08/08 10:23 a.m.6 views

CVE-2025-46386

CWE-639 Authorization Bypass Through User-Controlled Key...

8.8CVSS6.4AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2025/08/06 10:43 a.m.21 views

CVE-2025-46387

CVE-2025-46387 describes an authorization bypass in Emby MediaBrowser (a media server) via a user-controlled key (CWE-639). The vulnerability is documented across multiple feeds (NVD/NVD-derived, CNVD, ENISA ENISA EUVD, CCTV-like references), consistently noting an authorization bypass mechanism ...

8.8CVSS6.5AI score0.00292EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/18 9:36 p.m.20 views

CVE-2024-43239 WordPress Masteriyo LMS plugin <= 1.11.4 - Insecure Direct Object Reference (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.11.4...

4.3CVSS5.2AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/08 4:9 p.m.32 views

CVE-2024-35659 WordPress KiviCare plugin <= 3.6.6 - Insecure Direct Object References (IDOR) vulnerability

Missing Authorization vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiviCare: from n/a through = 3.6.6...

5.3CVSS0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/07 6:7 p.m.22 views

CVE-2024-31296 WordPress BookingPress plugin <= 1.0.81 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81...

4.3CVSS5AI score0.00318EPSS
Exploits0References1
Prion
Prion
added 2024/03/12 3:15 p.m.20 views

Authorization

An authorization bypass through user-controlled key vulnerability CWE-639 in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticat...

4CVSS7.2AI score0.00663EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/24 12:4 p.m.22 views

CVE-2023-2065 IDOR in Armoli Technology's Cargo Tracking System

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28...

8.8CVSS8.9AI score0.00845EPSS
Exploits0References2
Prion
Prion
added 2023/05/20 10:15 a.m.12 views

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15...

7.5CVSS9.5AI score0.00765EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder