VYPR

CWE-639

Authorization Bypass Through User-Controlled Key

Abstraction: Base
Structure: Incomplete
Likelihood: High

Description

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1,068)

page 5 of 54
  • CVE-2025-52389 (High), Sep 8, 2025
    risk 0.57, cvss 8.8, epss 0.00

    An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4 allows authenticated attackers to access sensitive data for other users via a crafted HTTP request.

  • CVE-2025-46387 (High), Aug 6, 2025
    risk 0.57, cvss 8.8, epss 0.00

    CWE-639 Authorization Bypass Through User-Controlled Key

  • CVE-2025-46386 (High), Aug 6, 2025
    risk 0.57, cvss 8.8, epss 0.00

    CWE-639 Authorization Bypass Through User-Controlled Key

  • CVE-2025-51865 (High), Jul 22, 2025
    risk 0.57, cvss 8.8, epss 0.00

    Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference (IDOR), allowing attackers to gain sensitive information via enumerating thread keys in the URL.

  • CVE-2025-34140 (High), Jul 22, 2025
    risk 0.57, epss 0.01

    An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms). By appending a specific URI suffix to certain API endpoints, an unauthenticated attacker can bypass access control checks and retrieve limited sensitive resources. The root cause was…

  • CVE-2025-40650 (High), May 26, 2025
    risk 0.57, epss 0.00

    Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards.

  • CVE-2025-3610 (High), May 6, 2025
    risk 0.57, cvss 8.8, epss 0.01

    The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it…

  • CVE-2025-3575 (High), Apr 15, 2025
    risk 0.57, epss 0.00

    Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from other users via the "idUsuario" parameter in the "/helper/Familia/establecerUsuarioSeleccion" endpoint.

  • CVE-2025-3574 (High), Apr 15, 2025
    risk 0.57, epss 0.00

    Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from other users via the "idUsuario" parameter in the "/helper/Familia/obtenerFamiliaUsuario" endpoint.

  • CVE-2025-2526 (High), Apr 8, 2025
    risk 0.57, cvss 8.8, epss 0.01

    The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email in the…

  • CVE-2025-1667 (High), Mar 15, 2025
    risk 0.57, cvss 8.8, epss 0.00

    The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpsp_UpdateTeacher() function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with…

  • CVE-2024-34520 (High), Feb 12, 2025
    risk 0.57, cvss 8.8, epss 0.00

    An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing…

  • CVE-2024-10497 (High), Jan 17, 2025
    risk 0.57, cvss 8.8, epss 0.01

    CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the attacker sends modified HTTPS requests to the device.

  • CVE-2024-13040 (High), Dec 31, 2024
    risk 0.57, cvss 8.8, epss 0.00

    The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and…

  • CVE-2024-48217 (High), Nov 1, 2024
    risk 0.57, cvss 8.8, epss 0.01

    An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation.

  • CVE-2024-9263 (Critical), Oct 17, 2024
    risk 0.57, cvss 9.8, epss 0.01

    The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to Account Takeover/Privilege Escalation via Insecure Direct Object Reference in all versions up to, and including, 1.0.25 via the save() due to missing…

  • CVE-2024-9215 (High), Oct 17, 2024
    risk 0.57, cvss 8.8, epss 0.01

    The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the…

  • CVE-2023-6523 (High), Apr 5, 2024
    risk 0.57, cvss 8.8, epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse. This issue affects Extreme XDS: before 3914.

  • CVE-2023-6724 (High), Feb 9, 2024
    risk 0.57, cvss 8.8, epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release…

  • CVE-2023-6515 (High), Feb 8, 2024
    risk 0.57, cvss 8.8, epss 0.01

    Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MİA-MED allows Authentication Abuse. This issue affects MİA-MED: before 1.0.7.