Vulnerabilities > Direct Request ('Forced Browsing')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-11049 | Forced Browsing vulnerability in Zkteco Zkbio Time 9.0.1 A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. | 3.7 |
| 2024-08-14 | CVE-2024-7753 | Forced Browsing vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 7.5 |
| 2024-08-12 | CVE-2024-42001 | Forced Browsing vulnerability in Vonets products An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | 9.8 |
| 2024-08-06 | CVE-2024-33897 | Forced Browsing vulnerability in Hms-Networks Ewon Cosy+ Firmware A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. | 9.1 |
| 2024-07-09 | CVE-2024-39867 | Forced Browsing vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). | 7.3 |
| 2024-07-09 | CVE-2024-39868 | Forced Browsing vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). | 7.3 |
| 2024-01-22 | CVE-2024-0204 | Forced Browsing vulnerability in Fortra Goanywhere Managed File Transfer Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. | 9.8 |
| 2023-10-26 | CVE-2023-5786 | Forced Browsing vulnerability in Geoserver Geowebcache A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. | 8.8 |
| 2023-10-23 | CVE-2023-5702 | Forced Browsing vulnerability in Viessmann Vitogate 300 Firmware 2.1.3.0 A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. | 6.5 |
| 2023-06-29 | CVE-2015-1313 | Forced Browsing vulnerability in Jetbrains Teamcity JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request. | 6.5 |