Sequence of Processor Instructions Leads to Unexpected Behavior

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Sequence of Processor Instructions Leads to Unexpected Behavior through the fielddelete process. An attacker can permanently remove...

CVE-2026-41670 Admidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequest

Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the...

EUVD-2026-28270

Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...

EUVD-2026-28266

Admidio is an open-source user management solution. Prior to version 5.0.9, the contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring...

CVE-2026-41657 Admidio: Cross-Organization Member Data Exposure via Permission Check Mismatch in contacts_data.php

Admidio is an open-source user management solution. Prior to version 5.0.9, the contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring...

CVE-2026-41657 Admidio: Cross-Organization Member Data Exposure via Permission Check Mismatch in contacts_data.php

Admidio is an open-source user management solution. Prior to version 5.0.9, the contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring...

Admidio 数据伪造问题漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was a data manipulation vulnerability. This vulnerability stemm...

Information Exposure

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Information Exposure via the membersassignmentdata.php process. An attacker can infer hidden personally identifiable information such...

PT-2026-37145

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description An unauthenticated attacker can execute arbitrary JavaScript in a user's browser via reflected Cross-Site Scripting XSS. The issue occurs in the 'system/msg window.php' endpoint, which accepts messag...

PT-2026-36108

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description An issue exists in the OpenID Connect OIDC implementation where the token introspection endpoint '/modules/sso/index.php/oidc/introspect' always returns a positive active status regardless of whether...

CVE-2026-34383

Admidio is an open-source user management solution. Prior to version 5.0.8, the inventory module's itemsave endpoint accepts a user-controllable POST parameter imported that, when set to true, completely bypasses both CSRF token validation and server-side form validation. An authenticated user ca...

CVE-2026-34382 Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...

CVE-2026-34381 Admidio: Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

Admidio 跨站请求伪造漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.8, there was a cross-site request forgeing vulnerability. This...

CVE-2026-34382

creationtimestamp| type| source ---|---|--- 2026-03-27 17:29:57+00:00| published-proof-of-concept| https://github.com/Admidio/admidio/security/advisories/GHSA-g3mx-8jm6-rc85...

CVE-2026-32812

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, unrestricted URL fetch in the SSO Metadata API can result in SSRF and local file reads. The SSO Metadata fetch endpoint at modules/sso/fetchmetadata.php accepts an arbitrary URL via $GET'url', validates it only...

CVE-2026-32812 Admidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata Endpoint

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, unrestricted URL fetch in the SSO Metadata API can result in SSRF and local file reads. The SSO Metadata fetch endpoint at modules/sso/fetchmetadata.php accepts an arbitrary URL via $GET'url', validates it only...

CVE-2026-32816

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the delete, activate, and deactivate modes in modules/groups-roles/groupsroles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The client-side UI passes a CSRF...

CVE-2026-32757 Admidio: HTMLPurifier Bypass in eCard Message Allows HTML Email Injection

Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $POST'ecardmessage' value instead of the HTMLPurifier-sanitized $formValues'ecardmessage' when constructing the greeting card HTML. This allows an authenticated attacker to inject...

Admidio is Missing Authorization on Forum Topic and Post Deletion

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user with...