Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (239 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-59797 2026-04-15 5.8 Medium
Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/{id} and also URLs for eversports, the user-management page, and the plane page.
CVE-2025-52920 2026-04-15 6.4 Medium
Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of products on the website. To be specific, an attacker could view the order details of any order by browsing to /en/account/orders/_ORDER_ID_ or use the address and billing information of other customers by manipulating the shipping_address_id and billing_address_id parameters when making an order (this information is then reflected in the receipt). Additionally, an attacker could delete the reviews of other users by sending a DELETE request to /en/account/reviews/_REVIEW_ID.
CVE-2025-27581 2026-04-15 4.3 Medium
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints.
CVE-2024-6188 2026-04-15 5.3 Medium
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-26381 1 Johnsoncontrols 1 Openblue Workplace 2026-04-15 N/A
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.
CVE-2025-48201 2026-04-15 8.6 High
The ns_backup extension through 13.0.0 for TYPO3 has a Predictable Resource Location.
CVE-2025-31971 2026-04-15 5.1 Medium
AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability.  The issue may allow attackers to launch a server-side request forgery (SSRF) attack enabling unauthorized network calls from the system, potentially exposing internal services or sensitive information.
CVE-2025-32367 2026-04-15 8.6 High
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions.
CVE-2025-65011 2026-04-15 N/A
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version WDR28081123OV1.01 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
CVE-2025-1542 2026-04-15 N/A
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an attacker using a guest access or an unprivileged account to gain additional administrative permissions in the application.This issue affects OXARI ServiceDesk in versions before 2.0.324.0.
CVE-2024-9945 2026-04-15 5.3 Medium
An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders.
CVE-2024-6414 2026-04-15 5.3 Medium
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-48205 1 Typo3 1 Sr Feuser Register Extension 2026-04-15 8.6 High
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference.
CVE-2024-2730 1 Mautic 1 Mautic 2026-04-15 5.3 Medium
Mautic uses predictable page indices for unpublished landing pages, their content can be accessed by unauthenticated users under public preview URLs which could expose sensitive data. At the time of publication of the CVE no patch is available
CVE-2025-53073 1 Sentry 1 Sentry 2026-04-15 4.2 Medium
In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted).
CVE-2025-48202 2026-04-15 5.3 Medium
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.
CVE-2026-4532 2 Carmelo, Code-projects 2 Simple Food Order System, Simple Food Ordering System 2026-04-10 5.3 Medium
A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. It is recommended to change the configuration settings.
CVE-2026-29909 1 Mrcms 1 Mrcms 2026-04-03 5.3 Medium
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.
CVE-2026-21715 1 Nodejs 1 Nodejs 2026-04-03 3.3 Low
A flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()` without the required read permission checks, while all comparable filesystem functions correctly enforce them. As a result, code running under `--permission` with restricted `--allow-fs-read` can still use `fs.realpathSync.native()` to check file existence, resolve symlink targets, and enumerate filesystem paths outside of permitted directories. This vulnerability affects **20.x, 22.x, 24.x, and 25.x** processes using the Permission Model where `--allow-fs-read` is intentionally restricted.
CVE-2026-32867 2 Opexus, Opexustech 2 Ecomplaint, Ecase Ecomplaint 2026-03-30 5.4 Medium
OPEXUS eComplaint before version 10.1.0.0 allows an unauthenticated attacker to obtain or guess an existing case number and upload arbitrary files via 'Portal/EEOC/DocumentUploadPub.aspx'. Users would see these unexpected files in cases. Uploading a large number of files could consume storage.