
CWE-425 (Direct Request ('Forced Browsing')) — Vulnerability Class 75

75 vulnerabilities classified as CWE-425 (Direct Request ('Forced Browsing')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-55075 | Grocy security vulnerability — Grocy | 4.3 | Medium | 2025-01-06 |
| CVE-2024-11049 | ZKTeco ZKBio Time Image File photo direct request — ZKBio Time | 3.7 | Low | 2024-11-10 |
| CVE-2024-45195 | Apache OFBiz: Confused controller-view authorization logic (forced browsing) — Apache OFBiz | 9.1 (AI) | Critical (AI) | 2024-09-04 |
| CVE-2024-7753 | SourceCodester Clinics Patient Management System user_images direct request — Clinics Patient Management System | 5.3 | Medium | 2024-08-14 |
| CVE-2024-42001 | Vonets WiFi Bridges Forced Browsing — VAR1200-H | 8.6 | High | 2024-08-08 |
| CVE-2024-7153 | Netgear WN604 siteSurvey.php direct request — WN604 | 5.3 | Medium | 2024-07-27 |
| CVE-2024-7080 | SourceCodester Insurance Management System direct request — Insurance Management System | 5.3 | Medium | 2024-07-24 |
| CVE-2024-39868 | Siemens SINEMA Remote Connect Server security vulnerability — SINEMA Remote Connect Server | 7.6 | High | 2024-07-09 |
| CVE-2024-39867 | Siemens SINEMA Remote Connect security vulnerability — SINEMA Remote Connect Server | 7.6 | High | 2024-07-09 |
| CVE-2024-6414 | Parsec Automation TrakSYS Export Page contentpage direct request — TrakSYS | 5.3 | Medium | 2024-06-30 |
| CVE-2024-6188 | Parsec Automation TrackSYS pagedefinition direct request — TrackSYS | 5.3 | Medium | 2024-06-20 |
| CVE-2024-2730 | Predictable Page Indexing Might Lead to Sensitive Data Exposure in Mautic — Mautic | 5.3 | Medium | 2024-04-10 |
| CVE-2023-45598 | AiLux imx6 security vulnerability — imx6 bundle | 5.3 | Medium | 2024-03-05 |
| CVE-2023-45596 | AiLux imx6 security vulnerability — imx6 bundle | 5.3 | Medium | 2024-03-05 |
| CVE-2024-0861 | Direct Request ('Forced Browsing') in GitLab — GitLab | 4.3 | Medium | 2024-02-21 |
| CVE-2023-46186 | IBM Jazz for Service Management information disclosure — Jazz for Service Management | 5.3 | Medium | 2024-02-14 |
| CVE-2024-24592 | Allegro authorization issue vulnerability — ClearML | 9.8 | Critical | 2024-02-06 |
| CVE-2023-50935 | IBM PowerSC forced browsing — PowerSC | 6.5 | Medium | 2024-02-02 |
| CVE-2024-0456 | Direct Request ('Forced Browsing') in GitLab — GitLab | 4.3 | Medium | 2024-01-26 |
| CVE-2024-0204 | Authentication Bypass in GoAnywhere MFT — GoAnywhere MFT | 9.8 | Critical | 2024-01-22 |
| CVE-2023-44320 | Siemens SCALANCE multiple products security vulnerability — RUGGEDCOM RM1224 LTE(4G) EU | 4.3 | Medium | 2023-11-14 |
| CVE-2023-5786 | GeoServer GeoWebCache rest.html direct request — GeoWebCache | 5.3 | Medium | 2023-10-26 |
| CVE-2023-5702 | Viessmann Vitogate 300 direct request — Vitogate 300 | 4.3 | Medium | 2023-10-23 |
| CVE-2023-4018 | Direct Request ('Forced Browsing') in GitLab — GitLab | 4.3 | Medium | 2023-09-01 |
| CVE-2023-4544 | Byzoro Smart S85F Management Platform php.ini direct request — Smart S85F Management Platform | 4.3 | Medium | 2023-08-26 |
| CVE-2023-3426 | Liferay Portal and Liferay DXP security vulnerability — DXP | 4.3 | Medium | 2023-08-02 |
| CVE-2023-3792 | Beijing Netcon NS-ASG test_status.php direct request — NS-ASG | 4.3 | Medium | 2023-07-20 |
| CVE-2023-22834 | The contour service was not checking that users had permission to create an analysis for a given dataset — com.palantir.contour:contour-dispatch | 2.7 | Low | 2023-06-26 |
| CVE-2023-2524 | Control iD RHiD direct request — RHiD | 6.3 | Medium | 2023-05-04 |
| CVE-2023-1699 | Rapid7 Nexpose Forced Browsing — Nexpose | 4.3 | Medium | 2023-03-30 |

75 CVEs are classified as CWE-425 (Direct Request ('Forced Browsing')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.