Lucene search
+L

16 matches found

cvelist
cvelist
added yesterday29 views

CVE-2026-59258 immich < 3.0.3 Shared Album Editor Ownership Takeover via updateUser

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the album owner to editor and promote themselves to owne...

8.3CVSS
Exploits0References5
nvd
nvd
added 2026/04/20 12:16 a.m.13 views

CVE-2026-6584

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...

5.5CVSS0.003EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/04/19 11:15 p.m.4 views

CVE-2026-6584

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...

5.5CVSS5.2AI score0.003EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/04/19 11:15 p.m.34 views

CVE-2026-6584 TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...

5.5CVSS0.003EPSS
Exploits0References4
cvelist
cvelist
added 2026/04/10 6:51 p.m.19 views

CVE-2026-33706 Chamilo LMS has a REST API Self-Privilege Escalation (Student → Teacher)

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the updateuserfromusername endpoint. A student status=5 can change their status to Teacher/CourseManager status=1, gaining course creation and management...

7.1CVSS0.00168EPSS
Exploits0References2
euvd
euvd
added 2026/04/10 6:51 p.m.5 views

EUVD-2026-21559

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the updateuserfromusername endpoint. A student status=5 can change their status to Teacher/CourseManager status=1, gaining course creation and management...

7.1CVSS5.8AI score0.00168EPSS
Exploits0References2
cve
cve
added 2026/04/10 6:51 p.m.15 views

CVE-2026-33706

Chamilo LMS prior to 1.11.38 contains a privilege escalation via the REST API. An authenticated user with a REST API key can modify their own status through the update_user_from_username endpoint, allowing a student (status=5) to elevate to Teacher/CourseManager (status=1) and obtain course creat...

7.1CVSS5.8AI score0.00168EPSS
Exploits0References2Affected Software1
githubexploit
githubexploit
added 2026/03/16 8:32 a.m.137 views

Vulnerability-Report

Unauthenticated Arbitrary File Upload RCE in Gaatitrack Cour...

6.8AI score
Exploits0
vulnrichment
vulnrichment
added 2026/02/18 12:0 a.m.3 views

CVE-2025-70152

code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...

9.8CVSS6AI score0.00398EPSS
Exploits1References2
cvelist
cvelist
added 2026/02/18 12:0 a.m.32 views

CVE-2025-70152

code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/saveuser.php and /admin/updateuser.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters firstname, lastname,...

9.8CVSS0.00398EPSS
Exploits1References2
snyk
snyk
added 2025/10/02 12:31 p.m.2 views

Authentication Bypass Using an Alternate Path or Channel

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the /api/user/updateuser endpoint. An attacker can gain unauthorized access by exploiting this endpoint t...

9.3CVSS7AI score0.01224EPSS
Exploits0References2
snyk
snyk
added 2025/10/02 12:31 p.m.3 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the /api/user/updateuser endpoint. An attacker can gain unauthorized access by exploiting this endpoint to bypass authentication mechanisms. Remediation Upgrade...

9.3CVSS7.3AI score0.01224EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/12/30 12:0 a.m.3 views

Simple Chat System 注入漏洞

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that stems from a lack of adequate validation of the input of the id parameter in the /admin/updateuser.php file. No details of the vulnerability are available at this time...

9.8CVSS8AI score0.004EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/06/06 12:0 a.m.5 views

PT-2023-24394 · Unknown · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "ip/eval/ajax.php?action=update user" API endpoint. This could potentially lead to unauthorized access and control of the...

7.2CVSS7.5AI score0.01112EPSS
Exploits1References3
osv
osv
added 2022/08/10 8:16 p.m.5 views

CVE-2022-36750

Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/updateuser.php?id=...

9.8CVSS5.8AI score
Exploits0References1
ptsecurity
ptsecurity
added 2022/08/10 12:0 a.m.4 views

PT-2022-23604 · Unknown · Clinic'S Patient Management System

Name of the Vulnerable Software and Affected Versions: Clinic's Patient Management System version 1.0 Description: The issue concerns a SQL injection vulnerability. It can be exploited via the /pms/update user.php endpoint, specifically through the id parameter. Recommendations: For Clinic's...

9.8CVSS7.5AI score0.00821EPSS
Exploits1References3
Rows per page
Query Builder