CWE-566 · Authorization Bypass Through User-Controlled SQL Primary Key
7 CVEs classified under CWE-566 (Authorization Bypass Through User-Controlled SQL Primary Key).

| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-9953 | Critical | 9.8 | 2026-02-19 | Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Training Consulting Ltd. Databank Accreditation Software allows… |
| CVE-2014-0808 | Critical | 9.1 | 2014-01-22 | Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this v… |
| CVE-2025-61781 | High | 7.1 | 2026-01-05 | OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePop… |
| CVE-2026-21886 | Medium | 6.5 | 2026-03-17 | OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.9.1, the GraphQL mutations "IndividualD… |
| CVE-2025-30369 | Low | 2.7 | 2025-03-31 | Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization adminis… |
| CVE-2025-30368 | Low | 2.7 | 2025-03-31 | Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but i… |
| CVE-2024-22261 | Low | 2.7 | 2024-06-10 | SQL-Injection in Harbor allows privileged users to leak the task IDs |