Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-29	CVE-2022-4036	Incorrect Authorization vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. network low complexity dwbooster CWE-863	5.3
2022-11-28	CVE-2022-24189	Incorrect Authorization vulnerability in Sz-Fujia Ourphoto 1.4.1 The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. network low complexity sz-fujia CWE-863	6.5
2022-11-22	CVE-2022-41326	Incorrect Authorization vulnerability in Mitel Micollab The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. network low complexity mitel CWE-863 critical	9.8
2022-11-19	CVE-2022-41155	Incorrect Authorization vulnerability in Webence IQ Block Country Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress. network low complexity webence CWE-863 critical	9.8
2022-11-18	CVE-2022-34827	Incorrect Authorization vulnerability in Carel Boss Mini Firmware 1.5.0 Carel Boss Mini 1.5.0 has Improper Access Control. network low complexity carel CWE-863 critical	9.9
2022-11-18	CVE-2022-40216	Incorrect Authorization vulnerability in Wordplus Better Messages Auth. network low complexity wordplus CWE-863	6.5
2022-11-17	CVE-2022-36785	Incorrect Authorization vulnerability in Dlink G Integrated Access Device4 Firmware 1.0 D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. network low complexity dlink CWE-863	7.5
2022-11-17	CVE-2022-42903	Incorrect Authorization vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list. local low complexity zohocorp CWE-863	3.3
2022-11-16	CVE-2022-4014	Incorrect Authorization vulnerability in Feehi Feehicms A vulnerability, which was classified as problematic, has been found in FeehiCMS. network low complexity feehi CWE-863	4.3
2022-11-15	CVE-2022-41918	Incorrect Authorization vulnerability in Amazon Opensearch 2.0.0/2.0.1/2.1.0 OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. network low complexity amazon CWE-863 critical	9.8

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization