Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-2544 | Authorization Bypass Through User-Controlled Key vulnerability in UPV Peix Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". | 6.5 |
| 2023-10-03 | CVE-2023-32669 | Authorization Bypass Through User-Controlled Key vulnerability in Buddyboss 2.2.9 Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. | 5.4 |
| 2023-10-03 | CVE-2023-4099 | Authorization Bypass Through User-Controlled Key vulnerability in Qsige 3.0.0.0 The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. | 6.5 |
| 2023-10-03 | CVE-2023-4101 | Authorization Bypass Through User-Controlled Key vulnerability in Qsige 3.0.0.0 The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. | 6.5 |
| 2023-09-28 | CVE-2023-38872 | Authorization Bypass Through User-Controlled Key vulnerability in Economizzer 0.9/April2023 An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment. | 3.7 |
| 2023-09-27 | CVE-2023-44154 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure and manipulation due to improper authorization. | 8.1 |
| 2023-09-27 | CVE-2023-44205 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to improper authorization. | 5.3 |
| 2023-09-27 | CVE-2023-44206 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure and manipulation due to improper authorization. | 9.1 |
| 2023-09-20 | CVE-2023-42334 | Authorization Bypass Through User-Controlled Key vulnerability in Fl3Xx Crew and Dispatch An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter. | 6.5 |
| 2023-09-06 | CVE-2020-10130 | Authorization Bypass Through User-Controlled Key vulnerability in Searchblox SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system. | 8.8 |