14 matches found
CVE-2026-41657 Admidio: Cross-Organization Member Data Exposure via Permission Check Mismatch in contacts_data.php
Admidio is an open-source user management solution. Prior to version 5.0.9, the contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring...
GHSA-G8P8-94F2-28GR Admidio Exposes Cross-Organization Member Data via Permission Check Mismatch in contacts_data.php
Summary The contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring roladministrator=true and the contactsshowall system setting. A user manager...
Admidio Exposes Cross-Organization Member Data via Permission Check Mismatch in contacts_data.php
Summary The contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring roladministrator=true and the contactsshowall system setting. A user manager...
CVE-2026-40071 pyLoad WebUI JSON permission mismatch lets ADD/DELETE users invoke MODIFY-only actions
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the /json/packageorder, /json/linkorder, and /json/abortlink WebUI JSON endpoints enforce weaker permissions than the core API methods they invoke. This allows authenticated low-privileged users to execut...
CVE-2026-40071
CVE-2026-40071 affects the pyLoad download manager (Python). The weakness lies in the WebUI JSON endpoints /json/package_order, /json/link_order, and /json/abort_link, which enforce weaker permissions than the core API methods they invoke. This permits authenticated, low-privileged users to perfo...
GHSA-RFGH-63MG-8PWM pyload-ng has a WebUI JSON permission mismatch that lets ADD/DELETE users invoke MODIFY-only actions
Summary Several WebUI JSON endpoints enforce weaker permissions than the core API methods they invoke. This allows authenticated low-privileged users to execute MODIFY operations that should be denied by pyLoad's own permission model. Confirmed mismatches: - ADD user can reorder packages/files...
pyload-ng has a WebUI JSON permission mismatch that lets ADD/DELETE users invoke MODIFY-only actions
Summary Several WebUI JSON endpoints enforce weaker permissions than the core API methods they invoke. This allows authenticated low-privileged users to execute MODIFY operations that should be denied by pyLoad's own permission model. Confirmed mismatches: - ADD user can reorder packages/files...
CVE-2025-14802
The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to unauthorized file deletion in versions up to, and including, 4.3.2.2 via the /wp-json/lp/v1/material/fileid REST API endpoint. This is due to a parameter mismatch between the DELETE operation and authorization check, where the...
CVE-2025-14802
CVE-2025-14802 affects LearnPress – WordPress LMS Plugin for Create and Sell Online Courses. The vulnerability is an insecure direct object reference via the REST DELETE endpoint /wp-json/lp/v1/material/{file_id}. The permission check uses item_id from the request body, while the endpoint consume...
PT-2026-1581
Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin for WordPress versions up to and including 4.3.2.2 Description The LearnPress – WordPress LMS Plugin for WordPress is susceptible to unauthorized file deletion. This is caused by a discrepancy in parameter...
Signal K Server 安全漏洞
Signal K Server is a ship centralized server from Signal K open source. A security vulnerability exists in Signal K Server versions prior to 2.19.0 that stems from the access request system trusting the X-Forwarded-For header and inconsistently displaying the description field with the permission...
CVE-2025-36228
IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...
CVE-2025-36228
IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...
CVE-2022-23139
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for?users to?ignore the modification?of?the file permission configuration, so that low-authority accounts could...