Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs (1,771)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-31291 1Metagauss 1Profilegrid Apr 28, 2026 Apr 7, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6.
CVE-2023-6523 - - May 20, 2026 Apr 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse. This issue affects Extreme XDS: before 3914.
CVE-2024-3139 1Oretnom23 1Computer Laboratory Management System Jan 24, 2025 Apr 1, 2024 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The...Show more A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-258914 is the identifier assigned to this vulnerability.Show less
CVE-2024-31095 - - Apr 28, 2026 Mar 31, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.1.0.
CVE-2024-30543 - - Apr 28, 2026 Mar 31, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18.
CVE-2024-30513 1Metagauss 1Profilegrid Apr 28, 2026 Mar 29, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2.
CVE-2024-30507 - - Apr 28, 2026 Mar 29, 2024 N/A· v4 2.7 LOW· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects Molongui: from n/a through 4.7.7.
CVE-2024-29024 1Fit2cloud 1Jumpserver Jan 9, 2025 Mar 29, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk tra...Show more JumpServer is an open source bastion host and an operation and maintenance security audit system. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, potentially compromising the integrity and security of the system. This vulnerability is fixed in v3.10.6.Show less
CVE-2024-29020 1Fit2cloud 1Jumpserver Jan 9, 2025 Mar 29, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbo...Show more JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can lead to information disclosure and exposing sensitive data. This vulnerability is fixed in v3.10.6.Show less
CVE-2024-1313 - - Feb 13, 2025 Mar 26, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality...Show more It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized. Grafana Labs would like to thank Ravid Mazon and Jay Chen of Palo Alto Research for discovering and disclosing this vulnerability. This issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.Show less
CVE-2024-29194 1Hackerbay 1Oneuptime Dec 5, 2025 Mar 24, 2024 N/A· v4 8.3 HIGH· v3 N/A· v2 OneUptime is a solution for monitoring and managing online services. The vulnerability lies in the improper validation of client-side stored data within the web application. Specifically, the is_master_admin key, stored...Show more OneUptime is a solution for monitoring and managing online services. The vulnerability lies in the improper validation of client-side stored data within the web application. Specifically, the is_master_admin key, stored in the local storage of the browser, can be manipulated by an attacker. By changing this key from false to true, the application grants administrative privileges to the user, without proper server-side validation. This has been patched in 7.0.1815.Show less
CVE-2024-2538 1Permalink Manager Lite Project 1Permalink Manager Lite Apr 8, 2026 Mar 20, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalink' function in all versions up to, and including, 2.4.3.1. Th...Show more The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalink' function in all versions up to, and including, 2.4.3.1. This makes it possible for authenticated attackers, with author access and above, to modify the permalinks of arbitrary posts.Show less
CVE-2024-1604 1Bmc 1Control M Mar 6, 2025 Mar 18, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application...Show more Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions. The attacker must know the unique identifier of the report they want to manipulate. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201.Show less
CVE-2024-2577 1Oretnom23 1Employee Task Management System Feb 20, 2025 Mar 18, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument...Show more A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257080.Show less
CVE-2024-2576 1Oretnom23 1Employee Task Management System Feb 20, 2025 Mar 18, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id le...Show more A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257079.Show less
CVE-2024-2575 1Oretnom23 1Employee Task Management System Feb 20, 2025 Mar 18, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulatio...Show more A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257078 is the identifier assigned to this vulnerability.Show less
CVE-2024-2574 1Oretnom23 1Employee Task Management System Feb 20, 2025 Mar 18, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argum...Show more A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257077 was assigned to this vulnerability.Show less
CVE-2023-36483 1Honeywell 2Masmobile Asp.net Services Masmobile Classic Feb 25, 2026 Mar 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Authorization bypass can be achieved by session ID prediction in MASmobile Classic Android version 1.16.18 and earlier and MASmobile Classic iOS version 1.7.24 and earlier which allows remote attackers to retrieve se...Show more Authorization bypass can be achieved by session ID prediction in MASmobile Classic Android version 1.16.18 and earlier and MASmobile Classic iOS version 1.7.24 and earlier which allows remote attackers to retrieve sensitive data including customer data, security system status, and event history.Show less
CVE-2023-36238 1Webkul 1Bagisto Apr 14, 2025 Mar 13, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an attacker to obtain sensitive information via the invoice ID parameter.
CVE-2024-1640 1Bitapps 1Contact Form Builder Apr 8, 2026 Mar 13, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient user validation...Show more The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient user validation on the bitforms_update_form_entry AJAX action in all versions up to, and including, 2.10.1. This makes it possible for unauthenticated attackers to modify form submissions.Show less

Previous 1...626364...89 Next