Fallos del tipo CWE-284

4394 resultados
CVE-2024-2281MEDIUMboyiddha Automated-Mess-Management-System Setting index.php access controlEPSS 0.6%CVE-2024-0415MEDIUMDeShang DSMall Image URL TaobaoExport.php access controlEPSS 0.6%CVE-2024-46607HIGHIncorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and pEPSS 0.6%CVE-2025-2955MEDIUMTOTOLINK A3000RU IBMS Configuration File ExportIbmsConfig.sh access controlEPSS 0.6%CVE-2025-2989MEDIUMTenda FH1202 Web Management Interface AdvSetWrl access controlEPSS 0.6%CVE-2023-43847MEDIUMIncorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated userEPSS 0.6%CVE-2025-2990MEDIUMTenda FH1202 Web Management Interface AdvSetWrlGstset access controlEPSS 0.6%CVE-2025-2994MEDIUMTenda FH1202 Web Management Interface qossetting access controlEPSS 0.6%CVE-2025-29514CRITICALIncorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to downloaEPSS 0.6%CVE-2024-35396CRITICALTOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allEPSS 0.6%CVE-2025-2115MEDIUMzzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted uploadEPSS 0.6%CVE-2025-11028MEDIUMgivanz Vvveb Image information disclosureEPSS 0.6%CVE-2026-2667MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform api access controlEPSS 0.6%CVE-2024-10999MEDIUMCodeAstro Real Estate Management System About Us Page aboutadd.php unrestricted uploadEPSS 0.6%CVE-2024-11000MEDIUMCodeAstro Real Estate Management System About Us Page aboutedit.php unrestricted uploadEPSS 0.6%CVE-2024-13191MEDIUMZeroWdd myblog uploadController.java upload unrestricted uploadEPSS 0.6%CVE-2026-44249HIGHNetty has an IPv6 Subnet Filter Bypass via Incorrect Comparator MaskingEPSS 0.6%CVE-2023-51070HIGHAn access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjusEPSS 0.6%CVE-2022-28759HIGHZoom On-Premise Deployments: Improper Access ControlEPSS 0.6%CVE-2024-36080CRITICALWestermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is EPSS 0.6%