Weaknesses of type CWE-266
939 resultsCVE-2025-0484MEDIUMFanli2012 native-php-cms Backend sysconfig_doedit.php improper authorizationEPSS 0.5%CVE-2022-3549MEDIUMSourceCodester Simple Cold Storage Management System Avatar unrestricted uploadEPSS 0.5%CVE-2025-3199MEDIUMageerle ruoyi-ai API Interface SysModelController.java improper authorizationEPSS 0.5%CVE-2024-25660CRITICALThe WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthoEPSS 0.5%CVE-2024-11306MEDIUMAltenergy Power Control Software database improper authorizationEPSS 0.5%CVE-2025-23528HIGHWordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2026-2669MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform User delete access controlEPSS 0.5%CVE-2024-32555CRITICALWordPress Easy Real Estate plugin <= 2.2.6 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2024-12678MEDIUMNomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity TokensEPSS 0.5%CVE-2024-9180HIGHVault Operators in Root Namespace May Elevate Their PrivilegesEPSS 0.5%CVE-2024-10766MEDIUMCodezips Free Exam Hall Seating Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2025-0802MEDIUMSourceCodester Best Employee Management System Administrative Endpoint View_user.php access controlEPSS 0.5%CVE-2025-3237MEDIUMTenda FH1202 wrlwpsset access controlEPSS 0.5%CVE-2023-6477MEDIUMIncorrect Privilege Assignment in GitLabEPSS 0.5%CVE-2024-9082MEDIUMSourceCodester Online Eyewear Shop User Creation Users.php improper authorizationEPSS 0.5%CVE-2024-10764MEDIUMCodezips Online Institute Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2024-10765MEDIUMCodezips Online Institute Management System profile.php unrestricted uploadEPSS 0.5%CVE-2026-49060CRITICALWordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2022-3436MEDIUMSourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted uploadEPSS 0.5%CVE-2026-11492MEDIUMD-Link DIR-823G vsftpd vsftpd.conf least privilege violationEPSS 0.5%