Vulnerabilities > Direct Request ('Forced Browsing')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2017-05-22 | CVE-2017-2161 | Forced Browsing vulnerability in Toshiba Flashair | FlashAir™ SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAir™ SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | low complexity, toshiba, CWE-425, 3.5 |
| 2017-04-28 | CVE-2017-2143 | Forced Browsing vulnerability in Frogman Office INC products | CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php. | network, low complexity, frogman-office-inc, CWE-425, 5.3 |
| 2017-04-28 | CVE-2017-2139 | Forced Browsing vulnerability in Frogman Office INC Cs-Cart 4.3.10 | CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php. | network, low complexity, frogman-office-inc, CWE-425, 5.3 |
| 2017-04-02 | CVE-2017-2486 | Forced Browsing vulnerability in Apple Safari | An issue was discovered in certain Apple products. | network, low complexity, apple, CWE-425, 6.5 |
| 2002-12-31 | CVE-2002-1798 | Forced Browsing vulnerability in Midicart PHP, Midicart PHP Maxi and Midicart PHP Plus | MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. | network, low complexity, midicart, CWE-425, critical, 9.1 |