Weaknesses of type CWE-425
109 resultsCVE-2025-62778LOWFrappe Learning allowed students to access the Quiz Form via direct URLEPSS 0.2%CVE-2025-57823LOWA direct request ('forced browsing') vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, EPSS 0.2%CVE-2025-53073MEDIUMIn Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as aEPSS 0.2%CVE-2026-32867MEDIUMOPEXUS eComplaint unauthenticated file uploadEPSS 0.2%CVE-2025-15587HIGHCredentials exposure in tinycontrol devicesEPSS 0.2%CVE-2025-65011HIGHUnauthorized Access to files in WODESYS WD-R608U routerEPSS 0.2%CVE-2024-58343MEDIUMVision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_idEPSS 0.2%CVE-2025-31971MEDIUMAIML Solutions for HCL SX is susceptible to a URL validation vulnerabilityEPSS 0.1%CVE-2026-9610LOWMultiple Vulnerabilities in IBM DatacapEPSS 0.1%