Vulnerabilities of type CWE-639
1565 results

CVE-2023-3285 | HIGH | A BOLA vulnerability in POST /appointments in EasyAppointments < 1.5.0 | EPSS 0.3%
CVE-2026-0909 | MEDIUM | WP ULike <= 4.8.3.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter | EPSS 0.3%
CVE-2025-4855 | CRITICAL | Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key | EPSS 0.3%
CVE-2025-14356 | MEDIUM | Ultra Addons for Contact Form 7 <= 3.5.33 - Missing Authorization to Authenticated (Subscriber+) to Generate Form Submission PDF | EPSS 0.3%
CVE-2023-45808 | MEDIUM | iTop missing silo check on extkey in console and portal | EPSS 0.3%
CVE-2025-70063 | MEDIUM | The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference (IDOR) vulnerability | EPSS 0.3%
CVE-2025-25952 | MEDIUM | An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia S | EPSS 0.3%
CVE-2026-40480 | HIGH | ChurchCRM has Missing Object-Level Authorization / IDOR in `/api/person/{personId}` | EPSS 0.3%
CVE-2025-65021 | CRITICAL | Rallly Has Unauthorized Poll Finalization via Insecure Direct Object Reference (IDOR) | EPSS 0.3%
CVE-2025-52448 | HIGH | Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (validate-initial-sql api modu | EPSS 0.3%
CVE-2025-59562 | MEDIUM | WordPress Academy LMS Plugin <= 3.3.4 - Insecure Direct Object References (IDOR) Vulnerability | EPSS 0.3%
CVE-2025-8855 | HIGH | 2FA Expiry Bypass in Optimus Software's Brokerage Automation | EPSS 0.3%
CVE-2026-41267 | HIGH | Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association | EPSS 0.3%
CVE-2026-41950 | MEDIUM | Dify < 1.14.0 Authorization Bypass via File UUID | EPSS 0.3%
CVE-2024-47316 | MEDIUM | WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability | EPSS 0.3%
CVE-2025-58137 | HIGH | Apache Fineract: IDOR via self-service API | EPSS 0.3%
CVE-2026-41277 | HIGH | Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR) | EPSS 0.3%
CVE-2023-30960 | MEDIUM | Insecure Direct Object Reference (IDOR) in Foundry job-tracker | EPSS 0.3%
CVE-2025-1270 | CRITICAL | Insecure direct object reference (IDOR) vulnerability in H6Web | EPSS 0.3%
CVE-2022-46179 | CRITICAL | LiuOS vulnerable to Authorization Bypass through User-Controlled Key | EPSS 0.3%