CWE-639

1,771 CVEs • Abstraction: Base • Likelihood of Exploit: High

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.


CVEs (1,771)

CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS
Vendors: Sysaid (1) | Products: Sysaid (1) | Updated: Nov 21, 2024 | Published: Nov 24, 2023 | CVSS: v4 N/A · v3 6.5 MEDIUM · v2 N/A
SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.

Vendors: H Mdm (1) | Products: Headwind Mdm (1) | Updated: Nov 21, 2024 | Published: Nov 22, 2023 | CVSS: v4 N/A · v3 5.4 MEDIUM · v2 N/A
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control. The Web panel allows users to gain access to potentially sensitive API calls such as listing users and their data, file management API calls and audit-related API calls.

Vendors: Nextcloud (1) | Products: Nextcloud Server (1) | Updated: Nov 21, 2024 | Published: Nov 21, 2023 | CVSS: v4 N/A · v3 4.3 MEDIUM · v2 N/A
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, an attacker could enable and disable the birthday calendar for any user on the same server. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available.

Vendors: Armanidrisi (1) | Products: Dev Blog (1) | Updated: Nov 21, 2024 | Published: Nov 21, 2023 | CVSS: v4 N/A · v3 4.8 MEDIUM · v2 N/A
Dev blog v1.0 allows an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.

Vendors: Os4ed (1) | Products: Opensis (1) | Updated: Nov 21, 2024 | Published: Nov 20, 2023 | CVSS: v4 N/A · v3 7.5 HIGH · v2 N/A
An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>'.

Vendors: Emsigner (1) | Products: Emsigner (1) | Updated: Nov 21, 2024 | Published: Nov 14, 2023 | CVSS: v4 N/A · v3 6.5 MEDIUM · v2 N/A
Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters.

Vendors: Asyncssh Project (1) | Products: Asyncssh (1) | Updated: Feb 25, 2026 | Published: Nov 14, 2023 | CVSS: v4 N/A · v3 6.8 MEDIUM · v2 N/A
An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

Vendors: Fedoraproject, Moodle, Redhat (3) | Products: Enterprise Linux, Fedora, Moodle (3) | Updated: Nov 21, 2024 | Published: Nov 9, 2023 | CVSS: v4 N/A · v3 5.4 MEDIUM · v2 N/A
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.

Vendors: Silbersaiten (1) | Products: Order Duplicator (1) | Updated: Nov 21, 2024 | Published: Nov 7, 2023 | CVSS: v4 N/A · v3 8.8 HIGH · v2 N/A
In the module "Order Duplicator " Clone and Delete Existing Order" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from ps_customer/ps_address tables such as name / surname / phone number / full postal address.

Vendors: Wisdomgarden (1) | Products: Tronclass Ilearn (1) | Updated: Nov 21, 2024 | Published: Nov 3, 2023 | CVSS: v4 N/A · v3 6.5 MEDIUM · v2 N/A
NCSIST ManageEngine Mobile Device Manager (MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

Vendors: Oretnom23 (1) | Products: Lost And Found Information System (1) | Updated: Nov 11, 2025 | Published: Nov 3, 2023 | CVSS: v4 N/A · v3 9.8 CRITICAL · v2 N/A
Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI.

Vendors: Userprivatefiles (1) | Products: Wordpress File Sharing Plugin (1) | Updated: Apr 3, 2025 | Published: Oct 31, 2023 | CVSS: v4 N/A · v3 4.3 MEDIUM · v2 N/A
The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those files by manipulating IDs which can easily be brute forced.

Vendors: Minical (1) | Products: Minical (1) | Updated: Nov 21, 2024 | Published: Oct 30, 2023 | CVSS: v4 N/A · v3 8.8 HIGH · v2 N/A
An issue in minCal v.1.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the customer_data parameter.

Vendors: Gvectors (1) | Products: Wpdiscuz (1) | Updated: Apr 8, 2026 | Published: Oct 20, 2023 | CVSS: v4 N/A · v3 5.3 MEDIUM · v2 N/A
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3. This makes it possible for unauthenticated attackers to increase or decrease the rating of a post.

Vendors: Gvectors (1) | Products: Wpdiscuz (1) | Updated: Apr 8, 2026 | Published: Oct 20, 2023 | CVSS: v4 N/A · v3 5.3 MEDIUM · v2 N/A
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3. This makes it possible for unauthenticated attackers to increase or decrease the rating of a comment.

Vendors: Midnightblue (1) | Products: Tetra (1) | Updated: Nov 21, 2024 | Published: Oct 19, 2023 | CVSS: v4 N/A · v3 8.1 HIGH · v2 N/A
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered.

Vendors: Midnightblue (1) | Products: Tetra (1) | Updated: Nov 21, 2024 | Published: Oct 19, 2023 | CVSS: v4 N/A · v3 5.9 MEDIUM · v2 N/A
A flaw in the TETRA authentication procedure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero.

Vendors: Apache (1) | Products: Inlong (1) | Updated: Nov 21, 2024 | Published: Oct 16, 2023 | CVSS: v4 N/A · v3 9.8 CRITICAL · v2 N/A
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize", "allowLoadLocalInfile", .... Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8604

Vendors: Grandingteco (1) | Products: Utime Master (1) | Updated: Nov 21, 2024 | Published: Oct 13, 2023 | CVSS: v4 N/A · v3 6.5 MEDIUM · v2 N/A
An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie.

Vendors: Elenos (1) | Products: Etg150 Firmware (1) | Updated: Nov 21, 2024 | Published: Oct 11, 2023 | CVSS: v4 N/A · v3 6.5 MEDIUM · v2 N/A
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.