Weaknesses of type CWE-284

4,431 results
CVE-2023-3303MEDIUMImproper Access Control in admidio/admidioEPSS 0.4%CVE-2025-5171MEDIUMllisoft MTA Maita Training System OpenController.java this.fileService.download unrestricted uploadEPSS 0.4%CVE-2025-3807MEDIUMzhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted uploadEPSS 0.4%CVE-2025-3969MEDIUMcodeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted uploadEPSS 0.4%CVE-2024-42514HIGHA vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to EPSS 0.4%CVE-2025-56274HIGHSourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, which allows low-privileged usersEPSS 0.4%CVE-2026-20912CRITICALGitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment DisclosureEPSS 0.4%CVE-2025-11658MEDIUMProjectsAndPrograms School Management System changeSllyabus.php unrestricted uploadEPSS 0.4%CVE-2023-3304MEDIUMImproper Access Control in admidio/admidioEPSS 0.4%CVE-2020-37116HIGHGUnet OpenEclass 1.7.3 E-learning platform - phpMyAdmin Remote AccessEPSS 0.4%CVE-2025-8525MEDIUMExrick xboot Spring Boot Admin/Spring Actuator information disclosureEPSS 0.4%CVE-2025-2952MEDIUMBluestar Micro Mall api.php unrestricted uploadEPSS 0.4%CVE-2026-20897CRITICALGitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR)EPSS 0.4%CVE-2025-11660MEDIUMProjectsAndPrograms School Management System uploadSllyabus.php unrestricted uploadEPSS 0.4%CVE-2026-32938CRITICALSiYuan has an Arbitrary File Read in its Desktop Publish ServiceEPSS 0.4%CVE-2022-45430LOWSome Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access conEPSS 0.4%CVE-2026-46791HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.4%CVE-2025-3398MEDIUMlenve VBlog WebSecurityConfig.java configure access controlEPSS 0.4%CVE-2022-23240MEDIUMActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability whichEPSS 0.4%CVE-2024-21107MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 0.4%