Vulnerabilities > Direct Request ('Forced Browsing')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-06 | CVE-2022-31485 | Forced Browsing vulnerability in multiple products An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. | 5.3 |
| 2022-06-02 | CVE-2022-28799 | Forced Browsing vulnerability in Tiktok The TikTok application before 23.7.3 for Android allows account takeover. | 8.8 |
| 2022-05-20 | CVE-2022-28991 | Forced Browsing vulnerability in Bdtask Multi Store Inventory Management System 1.0 Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files. | 7.5 |
| 2022-04-16 | CVE-2022-26653 | Forced Browsing vulnerability in Zohocorp Manageengine Remote Access Plus Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator). | 5.3 |
| 2022-04-16 | CVE-2022-26777 | Forced Browsing vulnerability in Zohocorp Manageengine Remote Access Plus Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details. | 5.3 |
| 2022-04-12 | CVE-2022-27480 | Forced Browsing vulnerability in Siemens products A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP-8050 (All versions < V4.80). | 7.5 |
| 2022-04-09 | CVE-2022-28365 | Forced Browsing vulnerability in Reprisesoftware Reprise License Manager 14.2/14.2Bl4/15.0 Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. | 5.3 |
| 2022-03-29 | CVE-2022-1077 | Forced Browsing vulnerability in TEM Flex-1080 Firmware and Flex-1085 Firmware A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. | 7.5 |
| 2022-03-24 | CVE-2022-26279 | Forced Browsing vulnerability in Eyoucms 1.5.5 EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. | 9.8 |
| 2022-03-14 | CVE-2022-24385 | Forced Browsing vulnerability in Smartertools Smartertrack A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 6.5 |