
26 matches found

EUVD
added 2026/04/18 12:5 a.m., 2 views

EUVD-2026-23619

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own account to administrator by sending isAdmin=true to PUT /settings/users/userId for their own user ID. The endpoint is intended to let a user ed...

CVSS 8.8, AI score 5.8, EPSS 0.00016
Exploits 1, References 4

Vulnrichment
added 2026/04/18 12:5 a.m., 1 view

CVE-2026-40349 Authenticated Movary User Can Self-Escalate to Administrator via PUT /settings/users/{userId} by Setting isAdmin=true

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own account to administrator by sending isAdmin=true to PUT /settings/users/userId for their own user ID. The endpoint is intended to let a user ed...

CVSS 8.8, AI score 5.8, EPSS 0.00016
Exploits 1, References 4

Positive Technologies
added 2026/04/18 12:0 a.m., 3 views

PT-2026-33541

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own account to administrator by sending isAdmin=true to PUT /settings/users/userId for their own user ID. The endpoint is intended to let a user ed...

CVSS 8.8, AI score 5.8, EPSS 0.00016
Exploits 1, References 5

NVD
added 2026/04/01 3:15 a.m., 2 views

CVE-2026-5251

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...

CVSS 6.5, EPSS 0.00069
Exploits 0, References 4

Vulnrichment
added 2026/04/01 2:30 a.m., 2 views

CVE-2026-5251 z-9527 admin User Update Endpoint user.js dynamically-determined object attributes

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...

CVSS 6.5, AI score 6.4, EPSS 0.00069
Exploits 0, References 4

CVE
added 2026/04/01 2:30 a.m., 6 views

CVE-2026-5251

The CVE-2026-5251 entry describes a vulnerability in z-9527 admin 1.0/2.0 affecting the User Update Endpoint. The issue occurs in the code path related to /server/routes/user.js where manipulating the isAdmin argument (e.g., input 1) causes dynamically determined object attributes, enabling remot...

CVSS 6.5, AI score 6.4, EPSS 0.00069
Exploits 0, References 4

CNNVD
added 2026/04/01 12:0 a.m., 1 view

admin security vulnerability

admin is a chatroom software developed by z-9527 as an individual developer. Both the 1.0 and 2.0 versions of admin have security vulnerabilities. These vulnerabilities stem from incorrect operations with the parameter “isAdmin” in the file /server/routes/user.js, which may lead to the dynamic...

CVSS 6.5, AI score 6.6, EPSS 0.00069
Exploits 0, References 4

Positive Technologies
added 2026/04/01 12:0 a.m., 2 views

PT-2026-29446

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...

CVSS 6.5, AI score 6.4, EPSS 0.00069
Exploits 0, References 5

RedhatCVE
added 2026/02/27 4:13 a.m., 4 views

CVE-2026-27899

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

CVSS 8.8, AI score 5.5, EPSS 0.00095
Exploits 0, References 1

Github Security Blog
added 2026/02/26 10:22 p.m., 6 views

WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level

Privilege Escalation to Admin via User Self-Update in wg-portal Summary Any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. After logging out and back in, the session picks up...

CVSS 8.8, AI score 5.5, EPSS 0.00095
Exploits 0, References 6, Affected Software 1

EUVD
added 2026/02/26 10:22 p.m., 5 views

EUVD-2026-8797

WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level...

CVSS 8.8, AI score 5.2, EPSS 0.00095
Exploits 0, References 5

Snyk
added 2026/02/26 3:13 a.m., 1 view

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management via the IsAdmin field in the user profile update process. An attacker can gain unauthorized administrative privileges by sending a crafted PUT request to their own user profile endpoint with IsAdmin set to...

CVSS 8.8, AI score 6, EPSS 0.00095
Exploits 0, References 2

Snyk
added 2026/02/26 3:13 a.m., 2 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management via the IsAdmin field in the user profile update process. An attacker can gain unauthorized administrative privileges by sending a crafted PUT request to their own user profile endpoint with IsAdmin set to...

CVSS 8.8, AI score 6, EPSS 0.00095
Exploits 0, References 2

Snyk
added 2026/02/26 3:13 a.m., 2 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management via the IsAdmin field in the user profile update process. An attacker can gain unauthorized administrative privileges by sending a crafted PUT request to their own user profile endpoint with IsAdmin set to...

CVSS 8.8, AI score 6, EPSS 0.00095
Exploits 0, References 2

NVD
added 2026/02/26 2:16 a.m., 4 views

CVE-2026-27899

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

CVSS 8.8, EPSS 0.00095
Exploits 0, References 1

OSV
added 2026/02/26 12:50 a.m., 3 views

CVE-2026-27899 WireGuard Portal Vulnerable to Privilege Escalation to Admin via User Self-Update

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

CVSS 8.8, AI score 5.6, EPSS 0.00095
Exploits 0, References 3

CVE
added 2026/02/26 12:50 a.m., 14 views

CVE-2026-27899

WireGuard Portal (wg-portal) prior to v2.1.3 allows any authenticated non-admin user to elevate to full admin by sending IsAdmin=true in a PUT to their own profile, with the admin flag not being preserved by the server’s protection logic. After logout and login, the session inherits admin privile...

CVSS 8.8, AI score 5.5, EPSS 0.00095
Exploits 0, References 1, Affected Software 1

CNNVD
added 2026/02/26 12:0 a.m., 4 views

WireGuard Portal v2 security vulnerability

WireGuard Portal v2 is a web-based configuration portal developed by h44z as an individual project. Versions of WireGuard Portal v2 prior to 2.1.3 contained security vulnerabilities. These vulnerabilities stemmed from the server’s inability to protect the IsAdmin field when parsing JSON request...

CVSS 8.8, AI score 7.3, EPSS 0.00095
Exploits 0, References 1

Positive Technologies
added 2026/02/26 12:0 a.m., 5 views

PT-2026-22074

Name of the Vulnerable Software and Affected Versions WireGuard Portal versions prior to 2.1.3 Description WireGuard Portal, a web-based configuration portal for WireGuard server management, contains a flaw that allows authenticated non-admin users to escalate their privileges to full administrat...

CVSS 9.9, AI score 5.9, EPSS 0.07313
Exploits 68, References 144

Cvelist
added 2024/03/28 12:0 a.m., 12 views

CVE-2024-29316

NodeBB 3.6.7 is vulnerable to Incorrect Access Control, e.g., a low-privileged attacker can access the restricted tabs for the Admin group via "isadmin":true...

AI score 6.7, EPSS 0.00091
Exploits 0, References 2