Weaknesses of type CWE-284

4,429 results
CVE-2022-28612MEDIUMWordPress Custom Popup Builder plugin <= 1.3.1 - Improper Access Control vulnerability leading to multiple Authenticated Stored XSSEPSS 0.5%CVE-2024-31967CRITICALA vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 ConferenEPSS 0.5%CVE-2023-25525HIGHNVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIEPSS 0.5%CVE-2023-20191MEDIUMA vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allowEPSS 0.5%CVE-2022-28753HIGHZoom On-Premise Deployments: Improper Access Control VulnerabilityEPSS 0.5%CVE-2023-1557MEDIUMSourceCodester E-Commerce System Username access controlEPSS 0.5%CVE-2026-44774MEDIUMTraefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=falseEPSS 0.5%CVE-2024-47760HIGHGLPI vulnerable to account takeover via APIEPSS 0.5%CVE-2020-26942CRITICALAn issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1 allows unauthenticated attackers to submit a EPSS 0.5%CVE-2024-0766MEDIUMEnvo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Missing Authorization via templates_ajax_requestEPSS 0.5%CVE-2025-5163MEDIUMyangshare 技术杨工 warehouseManager 仓库管理系统 access controlEPSS 0.5%CVE-2023-28372MEDIUMFlashBlade Object Store Privileged AccessEPSS 0.5%CVE-2024-6738MEDIUMWisdomGarden Tronclass - Broken Access ControlEPSS 0.5%CVE-2025-0341MEDIUMCampCodes Computer Laboratory Management System edit unrestricted uploadEPSS 0.5%CVE-2025-6843MEDIUMcode-projects Simple Photo Gallery upload-photo.php unrestricted uploadEPSS 0.5%CVE-2024-1492MEDIUMWPify Woo Czech <= 4.0.8 - Missing AuthorizationEPSS 0.5%CVE-2025-10425MEDIUM1000projects Online Student Project Report Submission and Evaluation System student_controller.php unrestricted uploadEPSS 0.5%CVE-2026-7813CRITICALpgAdmin 4: Cross-user data access and shared-server privilege escalation in server modeEPSS 0.5%CVE-2026-34456CRITICALReviactyl: OAuth account takeover via auto-linkingEPSS 0.5%CVE-2025-9475MEDIUMSourceCodester Human Resource Information System editemployee_process.php unrestricted uploadEPSS 0.5%