Weaknesses of type CWE-284

4,444 results
CVE-2025-4310MEDIUMitsourcecode Content Management System add_topic.php unrestricted uploadEPSS 0.3%CVE-2025-15262MEDIUMBiggiDroid Simple PHP CMS Site Logo edit.php unrestricted uploadEPSS 0.3%CVE-2026-41160MEDIUMEspoCRM: Broken Access Control / IDOR in Note Pinning API allows unauthorized modification of notesEPSS 0.3%CVE-2026-11458MEDIUMerzhongxmu JeeWMS Boot Actuator Endpoint actuator information disclosureEPSS 0.3%CVE-2026-41102HIGHMicrosoft PowerPoint for Android Spoofing VulnerabilityEPSS 0.3%CVE-2026-8033MEDIUMPicoTronica e-Clinic Healthcare System ECHS Response Header v2 information disclosureEPSS 0.3%CVE-2026-41101HIGHMicrosoft Word for Android Spoofing VulnerabilityEPSS 0.3%CVE-2025-55895CRITICALTOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access ContEPSS 0.3%CVE-2026-48904HIGHJoomla! Core - [20260514] - Privilege escalation through com_users webservice endpointsEPSS 0.3%CVE-2026-5601MEDIUMAcrel Electrical Prepaid Cloud Platform Backup File bin.rar information disclosureEPSS 0.3%CVE-2026-0844HIGHSimple User Registration <= 6.7 - Authenticated (Subscriber+) Privilege Escalation via profile_save_fieldEPSS 0.3%CVE-2026-5863HIGHInappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandEPSS 0.3%CVE-2025-15197MEDIUMcode-projects/anirbandutta9 Content Management System/News-Buzz editposts.php unrestricted uploadEPSS 0.3%CVE-2025-60800HIGHIncorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive informaEPSS 0.3%CVE-2026-41092HIGHMicrosoft Kinect Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-54407HIGHA malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to byEPSS 0.3%CVE-2026-9580MEDIUMJeecgBoot selectDepart LoginController.selectDepart access controlEPSS 0.3%CVE-2026-46920HIGHVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.3%CVE-2026-42829HIGHWindows Administrator Protection Secure Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-5576MEDIUMSourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted uploadEPSS 0.3%