Lucene search
K

142 matches found

Nuclei
Nuclei
added yesterday37 views

Leantime < 2.4 - Authenticated SQL Injection

Leantime is an open source project management system. A 'userId' variable in app/domain/files/repositories/class.files.php is not parameterized. An authenticated attacker can send a carefully crafted POST request to /api/jsonrpc to exploit an SQL injection vulnerability. Confidentiality is impact...

6.5CVSS6.6AI score0.01872EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43251

A vulnerability was found in Leantime up to 3.8.0. Affected is the function Setting::saveSetting of the component API. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago11 views

EUVD-2026-43250

A vulnerability has been found in Leantime up to 3.8.0. This impacts the function editUser/addUser of the component JSON-RPC Endpoint. The manipulation of the argument role leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References6
NVD
NVD
added 3 days ago7 views

CVE-2026-15510

A vulnerability was found in Leantime up to 3.8.0. Affected is the function Setting::saveSetting of the component API. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early...

6.5CVSS0.00333EPSS
Exploits0References5
NVD
NVD
added 3 days ago9 views

CVE-2026-15509

A vulnerability has been found in Leantime up to 3.8.0. This impacts the function editUser/addUser of the component JSON-RPC Endpoint. The manipulation of the argument role leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

6.5CVSS0.00333EPSS
Exploits0References5
CVE
CVE
added 3 days ago13 views

CVE-2026-15510

Leantime up to 3.8.0 is affected by an improper authorization issue in API:Setting::saveSetting. The root cause is improper access control in the SaveSetting function, enabling a remote attack. Public exploit exists and could be used. The vulnerability impacts the API component and is rated with ...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago23 views

CVE-2026-15510 Leantime API saveSetting improper authorization

A vulnerability was found in Leantime up to 3.8.0. Affected is the function Setting::saveSetting of the component API. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early...

6.5CVSS0.00333EPSS
Exploits0References5
CVE
CVE
added 3 days ago15 views

CVE-2026-15509

Leantime up to 3.8.0 is affected by a vulnerability in the JSON-RPC Endpoint functions editUser/addUser where manipulating the role argument leads to improper authorization. The issue is exploitable remotely and has been publicly disclosed; vendor response was not provided. Affected impact includ...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-15509 Leantime JSON-RPC Endpoint addUser improper authorization

A vulnerability has been found in Leantime up to 3.8.0. This impacts the function editUser/addUser of the component JSON-RPC Endpoint. The manipulation of the argument role leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

6.5CVSS0.00333EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-57576

Name of the Vulnerable Software and Affected Versions Leantime versions prior to 3.8.1 Description Improper authorization occurs within the JSON-RPC Endpoint component when the role argument is manipulated in the editUser or addUser functions. This allows a remote attacker to bypass authorization...

6.5CVSS6.7AI score0.00333EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-57577

Name of the Vulnerable Software and Affected Versions Leantime versions prior to 3.8.1 Description An improper authorization issue exists in the API component within the Setting::saveSetting function. This flaw allows a remote attacker to manipulate settings due to insufficient authorization...

6.5CVSS6.7AI score0.00333EPSS
Exploits0References9
Veracode
Veracode
added 5 days ago6 views

Cross-Site Request Forgery (CSRF)

Leantime is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to missing validation of the OIDC state parameter in the verifyState method, where attacker-controlled authorization callbacks are accepted without verification, allowing attackers to perform session fixation and...

8.6CVSS6.1AI score0.00153EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/07/06 9:16 p.m.11 views

CVE-2026-59712

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-59713

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS0.00153EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/06 8:43 p.m.38 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
CVE
CVE
added 2026/07/06 8:43 p.m.18 views

CVE-2026-59712

According to the connected NVD records, CVE-2026-59712 affects Leantime’s JSON-RPC API via the Users::getUser method. The vulnerability arises from missing authorization checks, enabling authenticated users to call users.getUser with arbitrary user IDs and enumerate accounts. The outcome is expos...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/06 8:43 p.m.8 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 8:43 p.m.4 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6.2AI score0.0025EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/06 8:36 p.m.34 views

CVE-2026-59713 Leantime - OIDC Login CSRF via Unconditional State Verification Stub

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS0.00153EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:36 p.m.4 views

CVE-2026-59713

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS6AI score0.00153EPSS
Exploits0References5
Rows per page
Query Builder