Lucene search
+L

7 matches found

Nuclei
Nuclei
added 9 hours ago164 views

KONGA 0.14.9 - Privilege Escalation

KONGA 0.14.9 allows attackers to set higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/ID at ADMIN parameter. id: CVE-2021-42192 info: name: KONGA 0.14.9 - Privilege Escalation author: rschio severity: high description...

9CVSS7.9AI score0.09919EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:46 p.m.8 views

CVE-2021-42192

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...

9CVSS6.8AI score0.09919EPSS
Exploits2
Circl
Circl
added 2022/05/04 2:34 p.m.13 views

CVE-2021-42192

creationtimestamp| type| source ---|---|--- 2022-05-04 14:34:49+00:00| seen| https://t.me/cibsecurity/41891 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-42192.yaml...

9CVSS8.1AI score0.09919EPSS
Exploits2References2
NVD
NVD
added 2022/05/04 11:15 a.m.23 views

CVE-2021-42192

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...

9CVSS0.09919EPSS
Exploits2References5
CVE
CVE
added 2022/05/04 12:0 a.m.139 views

CVE-2021-42192

CVE-2021-42192 affects KONGA v0.14.9 with an incorrect access control that allows privilege escalation via a crafted request. The attack vector demonstrated in the Nuclei template targets /api/user/{ID} with ADMIN privileges, enabling higher-privilege administration access. The underlying issue i...

9CVSS8.6AI score0.09919EPSS
Exploits2References5Affected Software1
CVE
CVE
added 2022/03/28 1:46 p.m.92 views

CVE-2021-44103

CVE-2021-44103 is documented as a duplicate of CVE-2021-42192, with connected data detailing a privilege-escalation flaw in KONGA 0.14.9. The Nuclei template for CVE-2021-42192 describes an improper access control that lets an authenticated user elevate to full admin by crafting a request (notabl...

8.6AI score
Exploits2
GithubExploit
GithubExploit
added 2021/10/15 8:19 p.m.6 views

Exploit for Incorrect Authorization in Konga_Project Konga

Konga Privilege Escalation - CVE-2021-42192 Authenticated Privil...

9CVSS7.5AI score0.09919EPSS
Exploits2
Rows per page
Query Builder