CWE-425 vulnerabilities

109 results
CVE-2023-46186 | MEDIUM | IBM Jazz for Service Management information disclosure | EPSS 0.6%
CVE-2024-6414 | MEDIUM | Parsec Automation TrakSYS Export Page contentpage direct request | EPSS 0.6%
CVE-2025-6352 | MEDIUM | code-projects Automated Voting System Backend vote.php direct request | EPSS 0.6%
CVE-2025-2147 | MEDIUM | Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file access | EPSS 0.6%
CVE-2022-42197 | MEDIUM | In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify | EPSS 0.6%
CVE-2024-2730 | MEDIUM | Predictable Page Indexing Might Lead to Sensitive Data Exposure in Mautic | EPSS 0.5%
CVE-2022-47700 | HIGH | COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Acce | EPSS 0.5%
CVE-2023-28160 | MEDIUM | When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking po | EPSS 0.5%
CVE-2024-55075 | MEDIUM | Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such | EPSS 0.5%
CVE-2024-7153 | MEDIUM | Netgear WN604 siteSurvey.php direct request | EPSS 0.5%
CVE-2024-0456 | MEDIUM | Direct Request ('Forced Browsing') in GitLab | EPSS 0.5%
CVE-2023-45596 | MEDIUM | A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration” functionality of the web application allows a remot | EPSS 0.5%
CVE-2023-45598 | MEDIUM | A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthent | EPSS 0.5%
CVE-2026-22732 | CRITICAL | Under Some Conditions Spring Security HTTP Headers Are not Written | EPSS 0.5%
CVE-2023-45809 | LOW | Disclosure of user names via admin bulk action views in wagtail | EPSS 0.5%
CVE-2026-4532 | MEDIUM | code-projects Simple Food Ordering System Database Backup food.sql file access | EPSS 0.5%
CVE-2023-2524 | MEDIUM | Control iD RHiD direct request | EPSS 0.4%
CVE-2023-1699 | MEDIUM | Rapid7 Nexpose Forced Browsing | EPSS 0.4%
CVE-2026-0650 | CRITICAL | OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization | EPSS 0.4%
CVE-2025-11280 | MEDIUM | Frappe LMS Assignment Picture files direct request | EPSS 0.4%