Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.6 views

CVE-2026-27012

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS5.9AI score0.00537EPSS
Exploits1References1
NVD
NVD
added 2026/03/03 10:16 p.m.22 views

CVE-2026-27012

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS0.00537EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/03 9:53 p.m.20 views

CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS0.00537EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/03 9:53 p.m.3 views

CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS6AI score0.00537EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/03 9:53 p.m.5 views

EUVD-2026-9334

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...

9.8CVSS6AI score0.00537EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/03 5:43 p.m.10 views

OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php

Summary A privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling modules/utenti/actions.php. This can promote an existing account e.g. agent into the Amministratori group as well as demot...

9.8CVSS6AI score0.00537EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/03 5:43 p.m.4 views

GHSA-247V-7CW6-Q57V OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php

Summary A privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling modules/utenti/actions.php. This can promote an existing account e.g. agent into the Amministratori group as well as demot...

9.8CVSS6AI score0.00537EPSS
Exploits1References2
Rows per page
Query Builder