CVE-2026-2076 yeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorization

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User...

CVE-2024-34995

svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserControllerimportOver. This vulnerability allows attackers to delete arbitrary files via a crafted POST request...

CVE-2024-41600

Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...

CVE-2026-0574

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component Request Handler. This manipulation causes improper...

EUVD-2025-205405

A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserController.java of the component User Login. Executing manipulation of the argument redirectUrl can...

CVE-2023-53923

UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with fu...

CVE-2023-53923

UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with fu...

CVE-2023-53923 UliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account Creation

UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with fu...

UliCMS 安全漏洞

UliCMS is a content management system CMS open source by UliCMS. The system supports features such as access control and WYSIWYG editing. A security vulnerability exists in UliCMS version 2023.1 that originates from an unauthenticated attacker who can create an administrator account via the...

UliCMS 安全漏洞

UliCMS is a content management system CMS open source by UliCMS. The system supports features such as access control and WYSIWYG editing. A security vulnerability exists in UliCMS version 2023.1, which stems from an improper bulk assignment in UserController that could lead to authentication bypa...

EUVD-2025-199953

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This...

CVE-2025-13808

CVE-2025-13808 affects orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1, specifically the update function in UserController.java of the User Profile Handler. The vulnerability arises from manipulation of the argument ID leading to improper authorization, with remote exploitation ...

EUVD-2021-2265

Malware in sbrugna...

EUVD-2019-13211

Malware in sbrugna...

EUVD-2018-13062

Malware in sbrugna...

EUVD-2025-4296

Malicious code in bioql PyPI...

EUVD-2023-1142

Malicious code in bioql PyPI...

EUVD-2022-49777

Malicious code in bioql PyPI...

EUVD-2023-2203

Malicious code in bioql PyPI...

EUVD-2024-39096

Malicious code in bioql PyPI...