Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs (1,771)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-21131 1Google 1Android Dec 18, 2024 Jun 15, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ab...Show more In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265015796Show less
CVE-2023-34000 1Woocommerce 1Stripe Payment Gateway Nov 21, 2024 Jun 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin <= 7.4.0 versions.
CVE-2023-3048 1Tmtmakine 1Lockcell Firmware May 22, 2026 Jun 13, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass. This issue affects Lockcell: before 15.
CVE-2023-1889 1Wpwax 1Directorist Apr 8, 2026 Jun 9, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks within the listing_task funct...Show more The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks within the listing_task function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts. Please note CVE-2023-35052 appears to be a duplicate of this issue.Show less
CVE-2023-0694 1Wpmet 1Metform Elementor Contact Form Builder Apr 8, 2026 Jun 9, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level...Show more The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about any standard form field of any form submission.Show less
CVE-2023-0693 1Wpmet 1Metform Elementor Contact Form Builder Apr 8, 2026 Jun 9, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with su...Show more The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the transaction ids of arbitrary form submissions that included payment.Show less
CVE-2023-0692 1Wpmet 1Metform Elementor Contact Form Builder Apr 8, 2026 Jun 9, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with su...Show more The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the payment status of arbitrary form submissions.Show less
CVE-2023-0691 1Wpmet 1Metform Elementor Contact Form Builder Apr 8, 2026 Jun 9, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscri...Show more The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary form submissions, specifically the submitter's last name.Show less
CVE-2023-0688 1Wpmet 1Metform Elementor Contact Form Builder Apr 8, 2026 Jun 9, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_thankyou' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscrib...Show more The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_thankyou' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about form submissions, including payment status, and transaction ID.Show less
CVE-2021-33223 1Seeddms 1Seeddms Nov 21, 2024 Jun 7, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid and role parameters in the out.UsrMgr.php file.
CVE-2023-0985 1Mbconnectline 2Mbconnect24 Mymbconnect24 Nov 21, 2024 Jun 6, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual version <= 2.13.3. An authenticated remote user with low privileges can change the...Show more An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual version <= 2.13.3. An authenticated remote user with low privileges can change the password of any user in the same account. This allows to take over the admin user and therefore fully compromise the account.Show less
CVE-2023-33956 1Kanboard 1Kanboard Nov 21, 2024 Jun 5, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference (IDOR) vulnerability present in the application's UR...Show more Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference (IDOR) vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any other user, regardless of their privileges or restrictions. By Changing the file_id any user can render all the files where MimeType is image uploaded under /files directory regard less of uploaded by any user. This vulnerability poses a significant impact and severity to the application's security. By manipulating the URL parameter, an attacker can access sensitive files that should only be available to authorized users. This includes confidential documents or any other type of file stored within the application. The ability to read these files can lead to various detrimental consequences, such as unauthorized disclosure of sensitive information, privacy breaches, intellectual property theft, or exposure of trade secrets. Additionally, it could result in legal and regulatory implications, reputation damage, financial losses, and potential compromise of user trust. Users are advised to upgrade. There are no known workarounds for this vulnerability. Show less
CVE-2023-3066 1Mobatime 1Amxgt 100 Nov 21, 2024 Jun 5, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: thro...Show more Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20. Show less
CVE-2023-32310 1Dataease 1Dataease Nov 21, 2024 Jun 1, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in...Show more DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.Show less
CVE-2022-36247 1Shopbeat 1Shop Beat Media Player Jan 13, 2025 May 30, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za.
CVE-2023-2978 1Abstrium 1Pydio Cells Nov 21, 2024 May 30, 2023 N/A· v4 4.3 MEDIUM· v3 4.1 MEDIUM· v2 A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Change Subscription Handler. The manipulation leads to auth...Show more A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Change Subscription Handler. The manipulation leads to authorization bypass. The exploit has been disclosed to the public and may be used. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. VDB-230210 is the identifier assigned to this vulnerability.Show less
CVE-2023-2883 1Cbot 2Cbot Core Cbot Panel Nov 21, 2024 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVE-2023-2065 1Armoli 1Cargo Tracking System Nov 21, 2024 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28 .
CVE-2023-2702 1Finexmedia 1Competition Management System Nov 21, 2024 May 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.This issue affects Competition Management System: before 23.0...Show more Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.This issue affects Competition Management System: before 23.07. Show less
CVE-2023-2844 1Fit2cloud 1Cloudexplorer Lite Nov 21, 2024 May 23, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.

Previous 1...697071...89 Next