Vulnerabilities > Authorization Bypass Through User-Controlled Key
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-20 | CVE-2023-42334 | Authorization Bypass Through User-Controlled Key vulnerability in Fl3Xx Crew and Dispatch. An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter. | 6.5 |
2023-09-13 | CVE-2023-4213 | Authorization Bypass Through User-Controlled Key vulnerability in Mikevanwinkle Simplr Registration Form Plus+. The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. | 8.8 |
2023-09-12 | CVE-2023-41368 | Authorization Bypass Through User-Controlled Key vulnerability in SAP S/4 Hana. The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call. | 5.3 |
2023-09-06 | CVE-2020-10130 | Authorization Bypass Through User-Controlled Key vulnerability in Searchblox. SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system. | 8.8 |
2023-09-04 | CVE-2023-4587 | Authorization Bypass Through User-Controlled Key vulnerability in Zkteco Zem800 Firmware 6.60. An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. | 5.5 |
2023-08-24 | CVE-2023-32078 | Authorization Bypass Through User-Controlled Key vulnerability in Gravitl Netmaker. Netmaker makes networks with WireGuard. | 7.5 |
2023-08-14 | CVE-2023-28481 | Authorization Bypass Through User-Controlled Key vulnerability in Tigergraph 3.7.0. An issue was discovered in Tigergraph Enterprise 3.7.0. | 8.8 |
2023-08-10 | CVE-2023-37543 | Authorization Bypass Through User-Controlled Key vulnerability in Cacti. Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. | 7.5 |
2023-07-17 | CVE-2023-2958 | Authorization Bypass Through User-Controlled Key vulnerability in Orjinyazilim ATS PRO. Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse, Authentication Bypass. This issue affects ATS Pro: before 20230714. | 9.8 |
2023-07-17 | CVE-2023-3700 | Authorization Bypass Through User-Controlled Key vulnerability in Easyappointments. Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 4.3 |