Lucene search
K

4 matches found

NVD
NVD
added 2026/02/18 10:16 p.m.6 views

CVE-2026-27181

MajorDoMo aka Major Domestic Module allows unauthenticated arbitrary module uninstallation through the market module. The market module's admin method reads gr'mode' from $REQUEST and assigns it to $this-mode at the start of execution, making all mode-gated code paths reachable without...

8.7CVSS0.00708EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/18 9:10 p.m.3 views

CVE-2026-27181 MajorDoMo Unauthenticated Module Uninstall via Market Endpoint

MajorDoMo aka Major Domestic Module allows unauthenticated arbitrary module uninstallation through the market module. The market module's admin method reads gr'mode' from $REQUEST and assigns it to $this-mode at the start of execution, making all mode-gated code paths reachable without...

8.7CVSS5.8AI score0.00708EPSS
Exploits1References3
CVE
CVE
added 2026/02/18 9:10 p.m.11 views

CVE-2026-27181

MajorDoMo is affected by an unauthenticated module-uninstall vulnerability via the market endpoint. The market/admin flow reads gr('mode') from $_REQUEST and sets $this->mode before authentication, making all mode-gated paths reachable through /objects/?module=market. The uninstall handler cal...

8.7CVSS5.8AI score0.00708EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/18 9:10 p.m.28 views

CVE-2026-27181 MajorDoMo Unauthenticated Module Uninstall via Market Endpoint

MajorDoMo aka Major Domestic Module allows unauthenticated arbitrary module uninstallation through the market module. The market module's admin method reads gr'mode' from $REQUEST and assigns it to $this-mode at the start of execution, making all mode-gated code paths reachable without...

8.7CVSS0.00708EPSS
Exploits1References3
Rows per page
Query Builder