Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/06/25 7:8 p.m.3 views

CVE-2026-57520 Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attackers can supply Admin...

7.1CVSS5.8AI score0.00354EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.15 views

PT-2026-52574

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.5.0 Description An issue exists where authenticated Custom users with the ManageUsers permission can escalate privileges to remove Admin accounts from an organization. This occurs due to a missing role...

7.1CVSS5.8AI score0.00354EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/05/21 8:28 p.m.7 views

CVE-2026-8350 Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulkuserassignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group and can remove...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2024-49924

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.6 views

Eyes of Network Web 跨站请求伪造漏洞

Eyes of Network Web is a global regulatory solution for hardware status of devices, operating systems, standard applications, business applications and performance from the Eyes of Network Web community. A security vulnerability exists in Eyes of Network Web version 5.3, which stems from a lack o...

8.8CVSS7.7AI score0.00425EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/10/13 12:0 a.m.39 views

UCenter存在多处CSRF(可备份数据、删除应用、删除管理员等)

简要描述: UCenter存在多处CSRF(可备份数据、删除应用、删除管理员等) 详细说明: UCenter有很多处没有判断formhash啊……都可以CSRF…… 漏洞证明: 1 删除应用 formhash为空,成功提交 2 删除管理员 formhash为空,成功删除 3 备份数据 无formhash,目录名可控 img src="https://images.seebug.org/upload/201410/041241325af3f4ef84e017e7a80...

7.1AI score
Exploits0
Rows per page
Query Builder