Fallos del tipo CWE-266
939 resultadosCVE-2024-13109MEDIUMBeijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorizationEPSS 0.6%CVE-2025-2955MEDIUMTOTOLINK A3000RU IBMS Configuration File ExportIbmsConfig.sh access controlEPSS 0.6%CVE-2025-2994MEDIUMTenda FH1202 Web Management Interface qossetting access controlEPSS 0.6%CVE-2025-2990MEDIUMTenda FH1202 Web Management Interface AdvSetWrlGstset access controlEPSS 0.6%CVE-2025-2989MEDIUMTenda FH1202 Web Management Interface AdvSetWrl access controlEPSS 0.6%CVE-2023-5913HIGHA potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.EPSS 0.6%CVE-2026-2667MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform api access controlEPSS 0.6%CVE-2024-11073MEDIUMSourceCodester Hospital Management System delete-account.php improper authorizationEPSS 0.6%CVE-2025-15597MEDIUMDataease SQLBot API Endpoint assistant.py access controlEPSS 0.5%CVE-2024-31760MEDIUMAn issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component.EPSS 0.5%CVE-2025-2991MEDIUMTenda FH1202 Web Management Interface AdvSetWrlmacfilter access controlEPSS 0.5%CVE-2022-3770MEDIUMYunjing CMS upload_img.html unrestricted uploadEPSS 0.5%CVE-2026-22908CRITICALUploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity EPSS 0.5%CVE-2026-27542CRITICALWordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2026-32922CRITICALOpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotateEPSS 0.5%CVE-2025-3537MEDIUMTutorials-Website Employee Management System update-user.php improper authorizationEPSS 0.5%CVE-2026-5312MEDIUMD-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access controlEPSS 0.5%CVE-2024-13189MEDIUMZeroWdd myblog MyBlogMvcConfig.java permissionEPSS 0.5%CVE-2024-54365HIGHWordPress KH Easy User Settings plugin <= 1.0.0 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2019-11891HIGHIncorrect privilege assignment in the app pairing mechanism of the Bosch Smart Home Controller (SHC)EPSS 0.5%