Filtered by CWE-639
Total 888 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-0264 1 Oretnom23 1 Clinic Queuing System 2025-06-03 7.3 High
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249820.
CVE-2024-32166 1 Webidsupport 1 Webid 2025-06-03 8.8 High
Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control vulnerability, allowing attackers to buy now an auction that is suspended (horizontal privilege escalation).
CVE-2024-48899 1 Moodle 1 Moodle 2025-06-02 4.3 Medium
A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.
CVE-2024-0580 1 Idmsistemas 1 Sinergia 2025-06-02 6.5 Medium
Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige product. This vulnerability allows an attacker to extract sensitive information from the API by making a request to the parameter '/qsige.locator/quotePrevious/centers/X', where X supports values 1,2,3, etc.
CVE-2018-10211 1 Vaultize 1 Enterprise File Sharing 2025-05-30 N/A
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.
CVE-2023-7199 1 Relevanssi 1 Relevanssi 2025-05-29 5.3 Medium
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request
CVE-2025-40650 2025-05-28 N/A
Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards.
CVE-2025-25777 1 Codeastro 1 Bus Ticket Booking System 2025-05-28 8 High
Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks.
CVE-2022-40186 2 Hashicorp, Redhat 2 Vault, Openshift Data Foundation 2025-05-27 9.1 Critical
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checking the proper alias assigned to an entity. This may allow for unintended access to key/value paths using that metadata in Vault.
CVE-2024-43239 1 Masteriyo 1 Masteriyo 2025-05-27 4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS.This issue affects Masteriyo - LMS: from n/a through 1.11.4.
CVE-2024-22305 1 Kaliforms 1 Kali Forms 2025-05-23 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36.
CVE-2025-20114 2025-05-22 4.3 Medium
A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.
CVE-2022-1613 1 10up 1 Restricted Site Access 2025-05-21 5.3 Medium
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.
CVE-2024-6534 1 Monospace 1 Directus 2025-05-19 4.3 Medium
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.
CVE-2023-28656 2 F5, Netapp 5 Nginx Api Connectivity Manager, Nginx Instance Manager, Nginx Security Monitoring and 2 more 2025-05-19 8.1 High
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-39537 2025-05-19 5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Chimpstudio WP JobHunt allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP JobHunt: from n/a through 7.1.
CVE-2025-4119 1 Weitong 1 Mall 2025-05-16 5.3 Medium
A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-52601 2025-05-16 6.5 Medium
iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can have read access to objects they're not allowed to see by querying an unprotected route. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue.
CVE-2025-24969 2025-05-16 5 Medium
iTop is an web based IT Service Management tool. Prior to version 3.2.1, a portal user can see any other contacts picture by changing the picture ID in the URL. Version 3.2.1 contains a patch for the issue.
CVE-2025-3769 2025-05-16 5.3 Medium
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'view_booking_summary_in_lightbox' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to retrieve appointment details such as customer names and email addresses.