Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs (1,734)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-3874 1Tipsandtricks Hq 1Wordpress Simple Paypal Shopping Cart May 6, 2025 May 1, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it p...Show more The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edit product links, add or delete products, and discover coupon codes.Show less
CVE-2025-4119 1Weitong 1Mall May 16, 2025 Apr 30, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDele...Show more A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3640 1Moodle 1Moodle Jun 24, 2025 Apr 25, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission...Show more A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.Show less
CVE-2025-3636 1Moodle 1Moodle Jun 24, 2025 Apr 25, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks.
CVE-2025-3625 1Moodle 1Moodle Jun 24, 2025 Apr 25, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor...Show more A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).Show less
CVE-2025-25777 1Codeastro 1Bus Ticket Booking System May 28, 2025 Apr 24, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile witho...Show more Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks.Show less
CVE-2025-1284 - - Apr 29, 2025 Apr 24, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Woocommerce Automatic Order Printing \| ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xc_woo_printe...Show more The Woocommerce Automatic Order Printing \| ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xc_woo_printer_preview AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's invoices and orders which can contain sensitive information.Show less
CVE-2025-42605 - - Apr 23, 2025 Apr 23, 2025 9.3 CRITICAL· v4 N/A· v3 N/A· v2 This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remote attacker could exp...Show more This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remote attacker could exploit this vulnerability by manipulating parameter in the API request body to gain unauthorized access to other user accounts. Successful exploitation of this vulnerability could allow remote attacker to perform authorized manipulation of data associated with other user accounts.Show less
CVE-2025-3519 - - Apr 23, 2025 Apr 22, 2025 7.0 HIGH· v4 N/A· v3 N/A· v2 An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID (UUID). In...Show more An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID (UUID). In case a participant of this or another conversation gets access to such a file ID, it can be used to replace the file without changing the file name and details or the name of the user who uploaded the file. During the upload, file interception and allowed file type rules are still applied correctly.Show less
CVE-2025-39434 - - Apr 23, 2026 Apr 17, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Scott Taylor Avatar avatar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avatar: from n/a through <= 0.1.4.
CVE-2025-31950 1Growatt 1Cloud Portal Nov 12, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 An unauthenticated attacker can obtain EV charger energy consumption information of other users.
CVE-2025-31945 1Growatt 1Cloud Portal Nov 12, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 An unauthenticated attacker can obtain other users' charger information.
CVE-2025-31654 1Growatt 1Cloud Portal Nov 12, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 An attacker can get information about the groups of the smart home devices for arbitrary users (i.e., "rooms").
CVE-2025-31360 1Growatt 1Cloud Portal Nov 12, 2025 Apr 15, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 Unauthenticated attackers can trigger device actions associated with specific "scenes" of arbitrary users.
CVE-2025-31147 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users.
CVE-2025-30257 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account.
CVE-2025-27929 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts.
CVE-2025-27927 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an unprotected API.
CVE-2025-27719 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Unauthenticated attackers can query an API endpoint and get device details.
CVE-2025-27575 1Growatt 1Cloud Portal Nov 14, 2025 Apr 15, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID.

Previous 1...424344...87 Next