Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-425 (直接请求(强制性浏览)) — Vulnerability Class 75

75 vulnerabilities classified as CWE-425 (直接请求(强制性浏览)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-58343 Vision Helpdesk 安全漏洞 — Helpdesk 4.3 Medium2026-04-16
CVE-2025-15587 Credentials exposure in tinycontrol devices — Lan Kontroler v3.5 8.1AIHighAI2026-03-16
CVE-2026-1978 kalyan02 NanoCMS User Information pagesdata.txt direct request — NanoCMS 5.3 Medium2026-02-06
CVE-2026-0790 ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability — 8180 IP Audio Alerter 7.5 -2026-01-23
CVE-2025-67844 Mintlify 安全漏洞 — Mintlify Platform 5.0 Medium2025-12-19
CVE-2025-65011 Unauthorized Access to files in WODESYS WD-R608U router — WD-R608U 7.5AIHighAI2025-12-18
CVE-2025-26381 OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems) — OpenBlue Workplace (formerly FM Systems) 7.5AIHighAI2025-12-17
CVE-2025-57823 Fortinet FortiAuthenticator 安全漏洞 — FortiAuthenticator 2.6 Low2025-12-09
CVE-2025-6195 Direct Request ('Forced Browsing') in GitLab — GitLab 4.3 Medium2025-11-26
CVE-2025-62778 Frappe Learning allowed students to access the Quiz Form via direct URL — lms 5.3AIMediumAI2025-10-27
CVE-2025-11280 Frappe LMS Assignment Picture files direct request — LMS 3.7 Low2025-10-05
CVE-2025-59797 Profession Fit 安全漏洞 — Profession Fit 5.8 Medium2025-09-22
CVE-2025-10287 roncoo roncoo-pay orderQuery direct request — roncoo-pay 3.1 Low2025-09-12
CVE-2025-31971 AIML Solutions for HCL SX is susceptible to a URL validation vulnerability — AIML Solutions for SX 5.1 Medium2025-08-28
CVE-2025-55736 flaskBlog allows arbitrary privilege escalation — FlaskBlog 8.8AIHighAI2025-08-19
CVE-2025-41404 iroha Board 安全漏洞 — iroha Board 4.3AIMediumAI2025-06-26
CVE-2025-53073 Sentry 安全漏洞 — Sentry 4.2 Medium2025-06-24
CVE-2025-52920 InnoShop 安全漏洞 — InnoShop 6.4 Medium2025-06-23
CVE-2025-6352 code-projects Automated Voting System Backend vote.php direct request — Automated Voting System 5.3 Medium2025-06-20
CVE-2025-48207 TYPO3 安全漏洞 — reint downloadmanager extension 8.6 High2025-05-21
CVE-2025-48202 TYPO3 femanager 安全漏洞 — femanager extension 5.3 Medium2025-05-21
CVE-2025-48201 TYPO3 安全漏洞 — ns backup extension 8.6 High2025-05-21
CVE-2025-48205 TYPO3 安全漏洞 — sr feuser register extension 8.6 High2025-05-21
CVE-2025-47226 Snipe-IT 安全漏洞 — Snipe-IT 5.0 Medium2025-05-02
CVE-2025-46690 Ververica Platform 安全漏洞 — Ververica Platform 5.0 Medium2025-04-27
CVE-2025-2595 Forced Browsing Vulnerability in CODESYS Visualization — CODESYS Visualization 5.3 Medium2025-04-23
CVE-2025-27581 NIH BRICS 安全漏洞 — BRICS 4.3 Medium2025-04-23
CVE-2025-32367 Oz Forensics Oz Liveness 安全漏洞 — face recognition application 8.6 High2025-04-11
CVE-2025-26689 Inaba Denki Sangyo CHOCO TEI WATCHER mini 安全漏洞 — CHOCO TEI WATCHER mini (IB-MCT001) 9.8 Critical2025-03-31
CVE-2025-1542 Improper permission control in OXARI ServiceDesk — OXARI ServiceDesk 8.8AIHighAI2025-03-26

Vulnerabilities classified as CWE-425 (直接请求(强制性浏览)) represent 75 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.