Fallos del tipo CWE-284

4444 resultados
CVE-2026-1152MEDIUMtechnical-laohu mpay QR Code Image unrestricted uploadEPSS 0.3%CVE-2025-9841MEDIUMcode-projects Mobile Shop Management System AddNewProduct.php unrestricted uploadEPSS 0.3%CVE-2026-36738MEDIUMU-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface thaEPSS 0.3%CVE-2026-3800MEDIUMSourceCodester/janobe Resort Reservation System controller.php doInsert unrestricted uploadEPSS 0.3%CVE-2026-29597MEDIUMDDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitEPSS 0.3%CVE-2025-11352MEDIUMcode-projects Online Hotel Reservation System addexec.php unrestricted uploadEPSS 0.3%CVE-2026-35234MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 9.0.0-9.EPSS 0.3%CVE-2025-11353MEDIUMcode-projects Online Hotel Reservation System addgalleryexec.php unrestricted uploadEPSS 0.3%CVE-2025-14885MEDIUMSourceCodester Client Database Management System Leads Generation user_leads.php unrestricted uploadEPSS 0.3%CVE-2025-54563HIGHAn Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which aEPSS 0.3%CVE-2025-11351MEDIUMcode-projects Online Hotel Reservation System editpicexec.php unrestricted uploadEPSS 0.3%CVE-2020-9046HIGHKantech EntraPass Security Management Software - System Permissions VulnerabilityEPSS 0.3%CVE-2023-24490MEDIUMUsers with only access to launch VDA applications can launch an unauthorized desktopEPSS 0.3%CVE-2026-20632MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.4. An EPSS 0.3%CVE-2026-35235MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 9.0.0-9.6.0. EEPSS 0.3%CVE-2025-28041HIGHIncorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authenticEPSS 0.3%CVE-2024-42021HIGHAn improper access control vulnerability allows an attacker with valid access tokens to access saved credentials.EPSS 0.3%CVE-2023-42945CRITICALA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may gain unauthorized accesEPSS 0.3%CVE-2025-55471HIGHIncorrect access control in the getUserFormData function of youlai-boot v2.21.1 allows attackers to access sensitive information for other uEPSS 0.3%CVE-2024-48899MEDIUMMoodle: idor when accessing list of course badgesEPSS 0.3%