Lucene search
K

3977 matches found

EUVD
EUVD
added 2025/10/22 9:19 p.m.4 views

EUVD-2025-35595

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

7.2CVSS7.7AI score0.00395EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/22 9:19 p.m.1 views

CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

7.2CVSS7.8AI score0.00395EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/22 9:19 p.m.9 views

CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

7.2CVSS0.00395EPSS
Exploits1References2
OSV
OSV
added 2025/10/22 9:19 p.m.3 views

CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

7.2CVSS8.2AI score0.00395EPSS
Exploits1References4
Snyk
Snyk
added 2025/10/22 4:46 p.m.2 views

SQL Injection

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to SQL Injection via the filterroluuid parameter in the membersassignmentdata.php process. An attacker can execute arbitrary SQL command...

8.6CVSS8.1AI score0.00395EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/10/22 4:46 p.m.9 views

Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Summary An authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can exploit this vulnerability to execute arbitrary SQL commands. This can lea...

7.2CVSS8.1AI score0.00395EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/22 4:46 p.m.4 views

GHSA-2V5M-CQ9W-FC33 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Summary An authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can exploit this vulnerability to execute arbitrary SQL commands. This can lea...

7.2CVSS8.1AI score0.00395EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/22 3:31 p.m.3 views

EUVD-2025-35394

Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through = 1.0.3...

6.5AI score0.00346EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 3:31 p.m.5 views

EUVD-2025-35430

Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...

6.5AI score0.00356EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 3:31 p.m.3 views

EUVD-2025-35458

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.2...

6.5AI score0.00394EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 3:31 p.m.5 views

EUVD-2025-35534

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...

6.5AI score0.00368EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 3:31 p.m.6 views

EUVD-2025-35569

Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...

7.5CVSS6.5AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:16 p.m.10 views

CVE-2025-62007

Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through = 1.0.3...

8.8CVSS0.00346EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.6 views

CVE-2025-60220

Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through = 3.0.0...

9.8CVSS0.00412EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.9 views

CVE-2025-60222

Incorrect Privilege Assignment vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Privilege Escalation.This issue affects SUMO Memberships for WooCommerce: from n/a through = 7.8.0...

8.8CVSS0.00356EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.4 views

CVE-2025-59580

Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...

8.8CVSS0.00356EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.4 views

CVE-2025-53428

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...

8.8CVSS0.00332EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.12 views

CVE-2025-53425

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...

7.2CVSS0.00394EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:15 p.m.2 views

CVE-2025-48082

Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...

8.8CVSS0.00439EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.11 views

CVE-2025-62007

The CVE-2025-62007 entry concerns WordPress Voice Feedback (voice-feedback) with an Incorrect Privilege Assignment vulnerability that allows Privilege Escalation in versions up to and including 1.0.3. Wordfence’s vulnerability report confirms the issue and notes the vulnerability is patched, with...

8.8CVSS6.6AI score0.00346EPSS
Exploits0References1
Rows per page
Query Builder