CWE-639 vulnerabilities
1,559 results

CVE-2025-4129 | HIGH | IDOR in PAVO Inc.'s PAVO Pay | EPSS 0.4%
CVE-2025-62166 | HIGH | FreshRSS has an IDOR which allows for viewing feeds of any user and leaking tokens | EPSS 0.4%
CVE-2026-40981 | HIGH | When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentia | EPSS 0.4%
CVE-2025-10855 | HIGH | IDOR in Solvera Software's Teknoera | EPSS 0.4%
CVE-2026-3453 | HIGH | ProfilePress <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/Expiration | EPSS 0.4%
CVE-2024-9700 | MEDIUM | Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.36.0 - Insecure Direct Object Reference to Submission Manipulation | EPSS 0.4%
CVE-2024-31291 | MEDIUM | WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability | EPSS 0.4%
CVE-2024-45806 | MEDIUM | Potential manipulate `x-envoy` headers from external sources in envoy | EPSS 0.4%
CVE-2023-30956 | MEDIUM | IDOR in Foundry Comments allows retrieval of attachments | EPSS 0.4%
CVE-2024-10798 | MEDIUM | Royal Elementor Addons and Templates <= 1.7.1003 - Authenticated (Contributor+) Post Disclosure | EPSS 0.4%
CVE-2024-10780 | MEDIUM | Restaurant & Cafe Addon for Elementor <= 1.5.9 - Authenticated (Contributor+) Post Disclosure | EPSS 0.4%
CVE-2024-8158 | HIGH | User impersonation for lib9p based 9p fileservers | EPSS 0.4%
CVE-2025-64523 | HIGH | FileBrowser has Insecure Direct Object Reference (IDOR) in Share Deletion Function | EPSS 0.4%
CVE-2025-0875 | MEDIUM | IDOR in Proliz Software's OBS | EPSS 0.4%
CVE-2026-30230 | HIGH | Flare: Password‑Protected Thumbnail Bypass | EPSS 0.4%
CVE-2025-3574 | HIGH | Insecure Direct Object Reference on Deporsite by T-INNOVA | EPSS 0.4%
CVE-2025-3575 | HIGH | Insecure Direct Object Reference in Deporsite by T-INNOVA | EPSS 0.4%
CVE-2025-34436 | HIGH | AVideo < 20.1 IDOR Arbitrary File Upload | EPSS 0.4%
CVE-2026-5167 | MEDIUM | Masteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook Endpoint | EPSS 0.4%
CVE-2026-32638 | LOW | StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens | EPSS 0.4%