Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-288 (使用候选路径或通道进行的认证绕过) — Vulnerability Class 435

435 vulnerabilities classified as CWE-288 (使用候选路径或通道进行的认证绕过). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-13771 Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Authentication Bypass via Password Update — Civi - Job Board & Freelance Marketplace WordPress Theme 9.8 Critical2025-03-14
CVE-2024-11286 WP JobHunt <= 7.1 - Authentication Bypass — WP JobHunt 9.8 Critical2025-03-14
CVE-2025-2080 Optigo Networks Visual BACnet Capture Tool和Optigo Visual Networks Capture Tool 安全漏洞 — Visual BACnet Capture Tool 9.8 -2025-03-13
CVE-2025-29996 Authentication Bypass Vulnerability in CAP back office application — CAP back office application 8.1 -2025-03-13
CVE-2024-13446 Workreap <= 3.2.5 - Unauthenticated Privilege Escalation via Account Takeover — Workreap 9.8 Critical2025-03-12
CVE-2025-1315 InWave Jobs <= 3.5.1 - Unauthenticated Privilege Escalation via Password Reset — InWave Jobs 9.8 Critical2025-03-07
CVE-2024-9658 School Management System for Wordpress <= 93.0.0 - Authenticated (Student+) Account Takeover and Privilege Escalation — School Management System for Wordpress 8.8 High2025-03-07
CVE-2025-0749 Homey <= 2.4.3 - Limited Authentication Bypass due to Missing Empty Value Check — Homey 8.1 High2025-03-07
CVE-2025-1515 WP Real Estate Manager <= 2.8 - Authentication Bypass via Account Takeover — WP Real Estate Manager 9.8 Critical2025-03-05
CVE-2025-24846 Century Systems FutureNet AS series 安全漏洞 — FutureNet AS-250/S 7.5 High2025-03-03
CVE-2025-1671 Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover — Academist Membership 9.8 Critical2025-03-01
CVE-2025-1564 SetSail Membership <= 1.0.3 - Authentication Bypass via Account Takeover — SetSail Membership 9.8 Critical2025-03-01
CVE-2025-1638 Alloggio Membership <= 1.1 - Authentication Bypass via Social Login Account Takeover — Alloggio Membership 9.8 Critical2025-03-01
CVE-2025-0159 IBM FlashSystem authentication bypass — Storage Virtualize 9.1 Critical2025-02-28
CVE-2025-1739 Multiple vulnerabilities in Trivision Camera NC227WF — Camera NC227WF 7.1 High2025-02-27
CVE-2025-1717 Login Me Now <= 1.7.2 - Authentication Bypass — Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPress 8.1 High2025-02-27
CVE-2025-26966 WordPress PrivateContent plugin <= 8.11.5 - Unauthenticated Account Takeover vulnerability — PrivateContent 7.5 -2025-02-25
CVE-2025-26700 Siber Systems RoboForm Password Manager 安全漏洞 — RoboForm Password Manager 4.6 -2025-02-17
CVE-2025-1283 Dingtian DT-R0 Series Authentication Bypass Using an Alternate Path or Channel — DT-R002 9.8 Critical2025-02-13
CVE-2024-13182 WP Directorybox Manager <= 2.5 - Authentication Bypass — WP Directorybox Manager 9.8 Critical2025-02-13
CVE-2025-24472 Fortinet FortiOS 安全漏洞 — FortiProxy 8.1 High2025-02-11
CVE-2025-0181 WP Foodbakery <= 4.8 - Authentication Bypass in foodbakery_parse_request — WP Foodbakery 9.8 Critical2025-02-11
CVE-2025-0316 WP Directorybox Manager <= 2.5 - Authentication Bypass — WP Directorybox Manager 9.8 Critical2025-02-08
CVE-2025-1061 Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider — Nextend Social Login Pro 9.8 Critical2025-02-07
CVE-2025-0674 Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel — Signum DVB-S/S2 IRD 9.8 Critical2025-02-06
CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server — mitmproxy 9.1 -2025-02-06
CVE-2025-0364 BigAntSoft BigAnt Server Account Registration Bypass to File Upload RCE — BigAnt Server 9.8 Critical2025-02-04
CVE-2024-12857 AdForest <= 5.1.8 - Authentication Bypass — AdForest 9.8 Critical2025-01-22
CVE-2025-24456 JetBrains Hub 安全漏洞 — Hub 6.7 Medium2025-01-21
CVE-2024-55591 Fortinet FortiOS和FortiProxy 安全漏洞 — FortiOS 9.6 Critical2025-01-14

Vulnerabilities classified as CWE-288 (使用候选路径或通道进行的认证绕过) represent 435 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.