Falhas do tipo CWE-284
4.443 resultadosCVE-2026-2226MEDIUMDouPHP ZIP File file.php unrestricted uploadEPSS 0.4%CVE-2026-0643MEDIUMprojectworlds House Rental and Property Listing Signup register.php unrestricted uploadEPSS 0.4%CVE-2025-5425MEDIUMjuzaweb CMS Theme Editor Page default access controlEPSS 0.4%CVE-2024-23447MEDIUMElastic Network Drive Connector Improper Access ControlEPSS 0.4%CVE-2025-53791MEDIUMMicrosoft Edge (Chromium-based) Security Feature Bypass VulnerabilityEPSS 0.4%CVE-2025-9847MEDIUMScriptAndTools Real Estate Management System register.php unrestricted uploadEPSS 0.4%CVE-2025-60306CRITICALcode-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perEPSS 0.4%CVE-2025-11354MEDIUMcode-projects Online Hotel Reservation System addslideexec.php unrestricted uploadEPSS 0.4%CVE-2025-43308LOWThis issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. AEPSS 0.4%CVE-2023-39376MEDIUMSiberianCMS - CWE-284: Improper Access Control Authorized user may disable a security feature over the networkEPSS 0.4%CVE-2025-30709MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.4%CVE-2026-42812CRITICALApache Polaris: No protection on `write.metadata.path`EPSS 0.4%CVE-2025-7175MEDIUMcode-projects E-Commerce Site users_photo.php unrestricted uploadEPSS 0.4%CVE-2019-6744MEDIUMThis vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung GEPSS 0.4%CVE-2025-65276CRITICALAn unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 EPSS 0.4%CVE-2022-47407MEDIUMAn issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can contEPSS 0.4%CVE-2025-2499MEDIUMClient side access control bypass in the permission component in
Devolutions Remote Desktop Manager on Windows. An authenticated user can eEPSS 0.4%CVE-2026-33316HIGHVikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account DisablementEPSS 0.4%CVE-2024-13212MEDIUMSingMR HouseRent AddHouseController.java upload unrestricted uploadEPSS 0.4%CVE-2026-41614MEDIUMM365 Copilot for Desktop Spoofing VulnerabilityEPSS 0.4%