Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/09 11:3 p.m.2 views

CVE-2026-30927 Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter

Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/09 11:3 p.m.44 views

CVE-2026-30927 Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter

Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...

5.3CVSS0.00253EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 11:3 p.m.21 views

CVE-2026-30927

CVE-2026-30927 affects Admidio (open-source user management). Prior to 5.0.6, the event participation logic in modules/events/events_function.php allowed any user who can participate in an event to register or cancel participation for OTHER users by manipulating the user_uuid GET parameter. The c...

5.4CVSS5.9AI score0.00253EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/09 7:45 p.m.10 views

Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter

Vulnerability In modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. Line 47: $getUserUuid = admFuncVariableIsValid$GET, 'useruuid', 'uuid', ... Line 424: if...

5.4CVSS5.9AI score0.00253EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder