Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-288 (使用候选路径或通道进行的认证绕过) — Vulnerability Class 436

436 vulnerabilities classified as CWE-288 (使用候选路径或通道进行的认证绕过). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-1260 Kube-apiserver: privesc 8.0 High2023-09-24
CVE-2023-42793 JetBrains TeamCity 安全漏洞 — TeamCity 9.8 Critical2023-09-19
CVE-2023-4702 Authentication Bypass in Digital Yepas — Digital Yepas 9.8 Critical2023-09-14
CVE-2023-41256 Dover Fueling Solutions MAGLINK LX Console Authentication Bypass — MAGLINK LX Web Console Configuration 9.1 Critical2023-09-11
CVE-2023-20269 Cisco ASA和FTD 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software 5.0 Medium2023-09-06
CVE-2023-3162 Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass — Payment Gateway of Stripe for WooCommerce 9.8 Critical2023-08-31
CVE-2023-3249 Web3 – Crypto wallet Login & NFT token gating <= 2.6.0 - Authentication Bypass — Web3 – Crypto wallet Login & NFT token gating 9.8 Critical2023-06-30
CVE-2023-2834 BookIt <= 2.3.7 - Authentication Bypass — Bookit — Booking & Appointment Calendar 9.8 Critical2023-06-30
CVE-2023-2982 WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass — miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) 9.8 Critical2023-06-29
CVE-2023-34335 BMC AMI 访问控制错误漏洞 — MegaRAC_SPx 7.7 High2023-06-12
CVE-2023-2986 Abandoned Cart Lite for WooCommerce <= 5.15.1 - Authentication Bypass — Abandoned Cart Lite for WooCommerce 9.8 Critical2023-06-08
CVE-2021-4373 Better Search <= 2.5.2 - Cross-Site Request Forgery to Settings Import — Better Search – Relevant search results for WordPress 8.8 High2023-06-07
CVE-2020-36724 Wordable <= 3.1.1 - Authentication Bypass — Wordable – Export Google Docs to WordPress 9.8 Critical2023-06-07
CVE-2020-36713 MStore API <= 2.1.5 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud 9.8 Critical2023-06-07
CVE-2023-2546 WP User Switch <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass via Cookie — WP User Switch 8.8 High2023-06-06
CVE-2023-2781 User Email Verification for WooCommerce <= 3.5.0 - Authentication Bypass — User Email Verification for WooCommerce 8.1 High2023-06-02
CVE-2022-36249 Shop Beat Services Vulnerable To Bypass 2FA via APIs — studio 8.8 -2023-05-30
CVE-2023-2732 MStore API <= 3.9.2 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud 9.8 Critical2023-05-25
CVE-2023-2733 MStore API <= 3.9.0 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud 9.8 Critical2023-05-25
CVE-2023-2734 MStore API <= 3.9.1 - Authentication Bypass — MStore API – Create Native Android & iOS Apps On The Cloud 9.8 Critical2023-05-25
CVE-2023-2704 BP Social Connect <= 1.5 - Authentication Bypass — BP Social Connect 9.8 Critical2023-05-19
CVE-2023-20003 Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability — Cisco Business Wireless Access Point Software 4.7 Medium2023-05-18
CVE-2023-2499 RegistrationMagic <= 5.2.1.0 - Authentication Bypass — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 9.8 Critical2023-05-16
CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel — SEL-3505 4.0 Medium2023-05-10
CVE-2022-40725 PingID Desktop PIN attempt lockout bypass. — PingID Desktop for Windows 7.3 High2023-04-25
CVE-2023-2027 ZM Ajax Login & Register <= 2.0.2 - Authentication Bypass — ZM Ajax Login & Register 9.8 Critical2023-04-15
CVE-2023-20018 Cisco IP Phone 安全漏洞 — Cisco Session Initiation Protocol (SIP) Software 8.6 High2023-01-19
CVE-2023-22495 Izanami is vulnerable to Authorization Bypass — izanami 9.8 Critical2023-01-14
CVE-2022-42277 NVIDIA DGX 访问控制错误漏洞 — NVIDIA DGX servers 7.5 High2023-01-13
CVE-2022-42276 NVIDIA DGX 访问控制错误漏洞 — NVIDIA DGX servers 7.5 High2023-01-13

Vulnerabilities classified as CWE-288 (使用候选路径或通道进行的认证绕过) represent 436 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.