2116 matches found
Simple E-Learning System SQL注入漏洞
Simple E-Learning System is a simple e-learning system developed by Carlo Montero as an individual project. Version 1.0 of Simple E-Learning System has a SQL injection vulnerability. This vulnerability stems from improper handling of the firstName parameter in the User Profile Update Handler...
CVE-2026-31836
Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerability in Checkmate's user profile update endpoint allows any...
CVE-2026-31836
CVE-2026-31836 affects Checkmate (open-source self-hosted tool). Versions up to and including 3.5.1 contain a mass assignment vulnerability in the user profile update endpoint, allowing any authenticated user to escalate to superadmin and bypass RBAC. This grants complete administrative access (v...
CVE-2026-31836 Mass Assignment Privilege Escalation in Checkmate
Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerability in Checkmate's user profile update endpoint allows any...
EUVD-2026-13124
OPEXUS eComplaint and eCASE before 10.2.0.0 do not correctly sanitize the contents of first and last name fields in a user profile. An authenticated attacker can inject parts of an XSS payload in their first and last name fields. The payload is executed when the user's full name is rendered. The...
EUVD-2026-12379
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-3111 Multiple vulnerabilities on the Educativa Campus
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-3111
CVE-2026-3111 affects Educativa Campus. An Insecure Direct Object Reference permits an unauthenticated attacker to access any user’s profile photo via the manipulated URL /archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg (80x90 and 40x45). The provided metrics state CVSS v4 base score 6.9 (Netwo...
INDEX ÉDUCATION PRONOTE 安全漏洞
INDEX ÉDUCATION PRONOTE is an educational management platform developed by the French company INDEX ÉDUCATION. Versions of INDEX ÉDUCATION PRONOTE prior to version 2025.2.8 contained security vulnerabilities. These vulnerabilities were due to improper access control, which could allow unverified...
CVE-2026-27793 Seerr has Broken Object-Level Authorization in User Profile Endpoint that Exposes Third-Party Notification Credentials
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Prior to version 3.1.0, the GET /api/v1/user/:id endpoint returns the full settings object for any user, including Pushover, Pushbullet, and Telegram credentials, to any authenticated requester regardless of...
CVE-2026-27793
CVE-2026-27793 describes a broken access control in Seerr prior to 3.1.0, where the GET /api/v1/user/:id endpoint returns the full user settings object (including credentials for Pushover, Pushbullet, Telegram) to any authenticated requester, regardless of privileges. This allows eavesdropping of...
CVE-2026-0871
A flaw was found in Keycloak. An administrator with manage-users permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the syste...
EUVD-2026-8797
WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management via the IsAdmin field in the user profile update process. An attacker can gain unauthorized administrative privileges by sending a crafted PUT request to their own user profile endpoint with IsAdmin set to...
CVE-2026-2947
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
CVE-2026-2947
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
CVE-2026-2947
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
CVE-2026-2947
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
CVE-2026-2947 rymcu forest User Profile UserInfoController.java updateUserInfo cross site scripting
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
PT-2026-21450
Name of the Vulnerable Software and Affected Versions rymcu forest versions up to 0.0.5 Description A cross-site scripting issue exists in rymcu forest. The issue is located in the updateUserInfo function within the src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java file of the...