Vulnerabilities > Direct Request ('Forced Browsing')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-5786 | Forced Browsing vulnerability in Geoserver Geowebcache A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. | 8.8 |
| 2023-10-23 | CVE-2023-5702 | Forced Browsing vulnerability in Viessmann Vitogate 300 Firmware 2.1.3.0 A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. | 6.5 |
| 2023-08-26 | CVE-2023-4544 | Forced Browsing vulnerability in Byzoro Smart S85F Management Platform A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. | 4.3 |
| 2023-07-20 | CVE-2023-3792 | Forced Browsing vulnerability in Netentsec Application Security Gateway 6.3 A vulnerability was found in Beijing Netcon NS-ASG 6.3. | 6.5 |
| 2023-06-29 | CVE-2015-1313 | Forced Browsing vulnerability in Jetbrains Teamcity JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request. | 6.5 |
| 2023-05-04 | CVE-2023-2524 | Forced Browsing vulnerability in Controlid Rhid 23.3.19.0 A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. | 9.8 |
| 2023-03-30 | CVE-2023-1699 | Forced Browsing vulnerability in Rapid7 Nexpose Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This vulnerability allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. | 9.8 |
| 2023-03-29 | CVE-2023-1663 | Forced Browsing vulnerability in Synopsys Coverity Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. | 5.3 |
| 2023-03-29 | CVE-2023-1682 | Forced Browsing vulnerability in Xunruicms 4.6.1 A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. | 7.5 |
| 2023-02-08 | CVE-2022-42438 | Forced Browsing vulnerability in IBM Cloud PAK for Multicloud Management Monitoring IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. | 8.8 |