VYPR

CWE-425

Direct Request ('Forced Browsing')

Abstraction: Base · Status: Incomplete

Description

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
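An added example, not code from this page or from any vendor listed below, showing the weakness and its fix side by side in Go's net/http: in the vulnerable router only the admin landing page checks the session, while the files it links to are separate routes with no check, so a direct request for the file URL succeeds. The hardened router mounts the whole restricted subtree behind one authorization middleware, so every path under it is denied by default. ForcedBrowse is the audit check a tester runs against either: request each restricted path with no credentials and report the ones that answer 200. The session token, paths, handler names and response bodies are constructed for the example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"sort"
)

// Constructed fixture standing in for a real session lookup: a request is
// treated as an authenticated administrator only if it carries this token.
const adminToken = "constructed-admin-session"

func isAdmin(r *http.Request) bool {
	return r.Header.Get("X-Session") == adminToken
}

func adminPage(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, `<a href="/admin/config.json">config</a> <a href="/admin/export.csv">export</a>`)
}

func configHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, `{"ldap_bind_password":"constructed-secret"}`) // constructed secret
}

func exportHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, "id,email\n1,alice@example.test\n") // constructed PII
}

// VulnerableMux models CWE-425: only the landing page checks the session.
// The resources it links to are separate routes with no check at all.
func VulnerableMux() http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/admin", func(w http.ResponseWriter, r *http.Request) {
		if !isAdmin(r) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		adminPage(w, r)
	})
	mux.HandleFunc("/admin/config.json", configHandler) // no authorization check
	mux.HandleFunc("/admin/export.csv", exportHandler)  // no authorization check
	return mux
}

// requireAdmin enforces authorization before any wrapped handler runs.
func requireAdmin(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !isAdmin(r) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// HardenedMux mounts the whole restricted subtree behind one middleware:
// a handler or file added under /admin/ later is protected by default.
func HardenedMux() http.Handler {
	admin := http.NewServeMux()
	admin.HandleFunc("/admin", adminPage)
	admin.HandleFunc("/admin/config.json", configHandler)
	admin.HandleFunc("/admin/export.csv", exportHandler)

	root := http.NewServeMux()
	root.Handle("/admin", requireAdmin(admin))
	root.Handle("/admin/", requireAdmin(admin)) // trailing slash: the entire subtree
	return root
}

// Status issues one in-process request and returns the response code.
// An empty token means an unauthenticated request.
func Status(h http.Handler, path, token string) int {
	req := httptest.NewRequest(http.MethodGet, path, nil)
	if token != "" {
		req.Header.Set("X-Session", token)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

// ForcedBrowse is the audit check: request every restricted path with no
// credentials and return, sorted, the ones that answer 200. On an engagement
// the path list comes from crawling the authenticated UI or from a wordlist.
func ForcedBrowse(h http.Handler, paths []string) []string {
	exposed := []string{}
	for _, p := range paths {
		if Status(h, p, "") == http.StatusOK {
			exposed = append(exposed, p)
		}
	}
	sort.Strings(exposed)
	return exposed
}

func main() {
	paths := []string{"/admin", "/admin/config.json", "/admin/export.csv"}
	fmt.Println("vulnerable, reachable without a session:", ForcedBrowse(VulnerableMux(), paths))
	fmt.Println("hardened, reachable without a session:", ForcedBrowse(HardenedMux(), paths))
}
```

The check is deliberately run with no credentials rather than with a low-privilege account: a page that returns 403 for the menu but 200 for the file behind it is the signature of this weakness, and the comparison against the authenticated status confirms the hardened router still serves the file to an administrator.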

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-127 · CAPEC-143 · CAPEC-144 · CAPEC-668 · CAPEC-87

CVEs mapped to this weakness (77)

page 2 of 4
  • CVE-2025-65011 · High · Dec 18, 2025
    risk 0.46 · cvss n/a · epss 0.00

    In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or…

  • CVE-2026-34028 · Medium · Jun 15, 2026
    risk 0.45 · cvss n/a · epss 0.00

    The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as…

  • CVE-2026-25679 · High · Mar 6, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

  • CVE-2025-26381 · Medium · Dec 17, 2025
    risk 0.42 · cvss n/a · epss 0.00

    Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.

  • CVE-2025-52920 · Medium · Jun 23, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their…

  • CVE-2018-0267 · Medium · Apr 19, 2018
    risk 0.42 · cvss 6.5 · epss 0.00

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables…

  • CVE-2018-0140 · Medium · Feb 8, 2018
    risk 0.42 · cvss 6.5 · epss 0.02

    A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is…

  • CVE-2017-2486 · Medium · Apr 2, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.

  • CVE-2025-59797 · Medium · Sep 22, 2025
    risk 0.38 · cvss 5.8 · epss 0.00

    Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/{id} and also URLs for eversports, the user-management page, and the plane page.

  • CVE-2024-6188 · Medium · Jun 20, 2024
    risk 0.37 · cvss 5.3 · epss 0.02

    A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The…

  • CVE-2018-0198 · Medium · Mar 27, 2018
    risk 0.35 · cvss 5.3 · epss 0.02

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing…

  • CVE-2018-0105 · Medium · Jan 18, 2018
    risk 0.35 · cvss 5.3 · epss 0.02

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing…

  • CVE-2017-2143 · Medium · Apr 28, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.

  • CVE-2017-2139 · Medium · Apr 28, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.

  • CVE-2005-1688 · Medium · May 20, 2005
    risk 0.35 · cvss 5.3 · epss 0.02

    Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.

  • CVE-2004-2257 · Medium · Dec 31, 2004
    risk 0.35 · cvss 5.3 · epss 0.02

    phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request.

  • CVE-2026-29909 · Medium · Mar 30, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without…

  • CVE-2026-4900 · Medium · Mar 26, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation makes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to…

  • CVE-2026-4532 · Medium · Mar 22, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories…

  • CVE-2025-2595 · Medium · Apr 23, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing.