Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-285 (授权机制不恰当) — Vulnerability Class 970

970 vulnerabilities classified as CWE-285 (授权机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-11272 SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization — ZKEACMS 5.4 Medium2025-10-04
CVE-2025-11227 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns Disclosure — GiveWP – Donation Plugin and Fundraising Platform 6.5 Medium2025-10-04
CVE-2025-11080 zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization — wisdom-education 4.3 Medium2025-09-27
CVE-2025-11050 Portabilis i-Educar periodo-lancamento improper authorization — i-Educar 6.3 Medium2025-09-27
CVE-2025-11049 Portabilis i-Educar unificacao-aluno improper authorization — i-Educar 6.3 Medium2025-09-27
CVE-2025-11048 Portabilis i-Educar consulta-dispensas improper authorization — i-Educar 6.3 Medium2025-09-26
CVE-2025-11047 Portabilis i-Educar aluno improper authorization — i-Educar 6.3 Medium2025-09-26
CVE-2025-11030 Tutorials-Website Employee Management System HTTP Request all-applied-leave.php improper authorization — Employee Management System 7.3 High2025-09-26
CVE-2025-10992 roncoo roncoo-pay lookupList improper authorization — roncoo-pay 5.3 Medium2025-09-26
CVE-2025-10989 yangzongzhuan RuoYi selectAll improper authorization — RuoYi 6.3 Medium2025-09-26
CVE-2025-10988 YunaiV ruoyi-vue-pro transfer improper authorization — ruoyi-vue-pro 6.3 Medium2025-09-26
CVE-2025-10987 YunaiV yudao-cloud HTTP Request transfer improper authorization — yudao-cloud 6.3 Medium2025-09-26
CVE-2025-10981 JeecgBoot exportXls improper authorization — JeecgBoot 4.3 Medium2025-09-26
CVE-2025-10980 JeecgBoot exportXls improper authorization — JeecgBoot 4.3 Medium2025-09-25
CVE-2025-10979 JeecgBoot exportXls improper authorization — JeecgBoot 4.3 Medium2025-09-25
CVE-2025-10978 JeecgBoot Filter exportXls improper authorization — JeecgBoot 4.3 Medium2025-09-25
CVE-2025-10977 JeecgBoot deleteBatch improper authorization — JeecgBoot 3.1 Low2025-09-25
CVE-2025-10976 JeecgBoot getDepartUserList improper authorization — JeecgBoot 3.1 Low2025-09-25
CVE-2025-10822 fuyang_lipengjun platform queryAll SysSmsLogController improper authorization — platform 4.3 Medium2025-09-22
CVE-2025-10821 fuyang_lipengjun platform queryAll TopicCategoryController improper authorization — platform 4.3 Medium2025-09-22
CVE-2025-10820 fuyang_lipengjun platform queryAll TopicController improper authorization — platform 4.3 Medium2025-09-22
CVE-2025-10819 fuyang_lipengjun platform queryAll UserCouponController improper authorization — platform 4.3 Medium2025-09-22
CVE-2025-10707 JeecgBoot sendMsg improper authorization — JeecgBoot 6.3 Medium2025-09-19
CVE-2025-10676 fuyang_lipengjun platform queryAll BrandController improper authorization — platform 4.3 Medium2025-09-18
CVE-2025-10675 fuyang_lipengjun platform queryAll AttributeController improper authorization — platform 4.3 Medium2025-09-18
CVE-2025-10674 fuyang_lipengjun platform queryAll AttributeCategoryController improper authorization — platform 4.3 Medium2025-09-18
CVE-2025-10422 newbee-mall Order Status paySuccess improper authorization — newbee-mall 4.3 Medium2025-09-15
CVE-2025-10390 CRMEB UserAddressServices.php editAddress improper authorization — CRMEB 5.4 Medium2025-09-14
CVE-2025-10389 CRMEB Administrator Password SystemAdminServices.php save improper authorization — CRMEB 5.4 Medium2025-09-14
CVE-2025-10384 yangzongzhuan RuoYi Role cancelAll improper authorization — RuoYi 5.4 Medium2025-09-13

Vulnerabilities classified as CWE-285 (授权机制不恰当) represent 970 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.