Vulnerabilities > Direct Request ('Forced Browsing')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-17 | CVE-2017-14244 | Forced Browsing vulnerability in Iball Ib-Wra150N Firmware Fwiblr7011A1.0.2 An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi. | 9.8 |
| 2017-08-29 | CVE-2017-10833 | Forced Browsing vulnerability in Nippon-Antenna Scr02Hd Firmware 1.0.3.1000 "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to bypass access restriction to view information or modify configurations via unspecified vectors. | 9.1 |
| 2017-05-22 | CVE-2017-2161 | Forced Browsing vulnerability in Toshiba Flashair FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | 3.5 |
| 2017-04-28 | CVE-2017-2143 | Forced Browsing vulnerability in Frogman Office INC products CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php. | 5.3 |
| 2017-04-28 | CVE-2017-2139 | Forced Browsing vulnerability in Frogman Office INC Cs-Cart 4.3.10 CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php. | 5.3 |
| 2017-04-02 | CVE-2017-2486 | Forced Browsing vulnerability in Apple Iphone OS and Safari An issue was discovered in certain Apple products. | 6.5 |
| 2002-12-31 | CVE-2002-1798 | Forced Browsing vulnerability in Midicart PHP, Midicart PHP Maxi and Midicart PHP Plus MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. | 9.1 |