Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2021-33223 | Authorization Bypass Through User-Controlled Key vulnerability in Seeddms 6.0.15 An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid and role parameters in the out.UsrMgr.php file. | 8.8 |
| 2023-06-05 | CVE-2023-33956 | Authorization Bypass Through User-Controlled Key vulnerability in Kanboard Kanboard is open source project management software that focuses on the Kanban methodology. | 6.5 |
| 2023-06-05 | CVE-2023-3066 | Authorization Bypass Through User-Controlled Key vulnerability in Mobatime Amxgt 100 1.3.20 Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20. | 8.1 |
| 2023-06-01 | CVE-2023-32310 | Authorization Bypass Through User-Controlled Key vulnerability in Dataease DataEase is an open source data visualization and analysis tool. | 8.1 |
| 2023-05-30 | CVE-2022-36247 | Authorization Bypass Through User-Controlled Key vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za. | 9.1 |
| 2023-05-30 | CVE-2023-2978 | Authorization Bypass Through User-Controlled Key vulnerability in Abstrium Pydio Cells 4.2.0 A vulnerability was found in Abstrium Pydio Cells 4.2.0. | 4.3 |
| 2023-05-24 | CVE-2023-2065 | Authorization Bypass Through User-Controlled Key vulnerability in Armoli Cargo Tracking System Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28 . | 8.8 |
| 2023-05-20 | CVE-2023-2276 | Authorization Bypass Through User-Controlled Key vulnerability in Wclovers Wcfm Membership The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.10.7. | 9.8 |
| 2023-05-16 | CVE-2023-2548 | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. | 7.2 |
| 2023-05-08 | CVE-2023-31182 | Authorization Bypass Through User-Controlled Key vulnerability in Easytor EasyTor Applications – Authorization Bypass - EasyTor Applications may allow authorization bypass via unspecified method. | 9.8 |