64 matches found
CVE-2024-3283 Privilege Escalation via Mass Assignment in mintplex-labs/anything-llm
A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate their privileges to admin roles through a mass assignment issue. The '/admin/system-preferences' API endpoint improperly authorizes manager-level users to modify the 'multiusermode' system variable, enabling...
CVE-2024-3283 Privilege Escalation via Mass Assignment in mintplex-labs/anything-llm
A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate their privileges to admin roles through a mass assignment issue. The '/admin/system-preferences' API endpoint improperly authorizes manager-level users to modify the 'multiusermode' system variable, enabling...
PT-2024-24905 · Mintplex · Anything-Llm
Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm affected versions not specified Description: A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate their privileges to admin roles through a mass assignment issue. The...
Missing access control on critical functions
Lines of code Vulnerability details The broad admin role enables arbitrary manipulation of the heap without restrictions. Recommendation: Implement granular access control and privilege separation. Implement an access control system such as OpenZeppelin AccessControl to restrict access to these...
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for user privilege escalation
Summary IBM Cloud Pak for Multicloud Management Monitoring has patched for users without admin roles. Non-admin user should not access to admin functions by specifying direct URL paths. Vulnerability Details IBM X-Force ID: 238210 DESCRIPTION: IBM Cloud Pak for Multicloud Management Monitoring...
CVE-2022-4327
CVE-2022-4327 corresponds to a PHP Object Injection issue in the WordPress plugin Anti-Malware Security and Brute-Force Firewall. The root cause is unsafe unserialize usage that can be exploited by privileged users (admin) to trigger gadget chains, enabling arbitrary object injection. Affected re...
Cross site scripting
The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...
Exposure of critical functions
Lines of code Vulnerability details Impact AdminRole mixin exposes critical functions without any restrictions like grantAdmin revokeAdmin Proof of Concept Criticial functions like grantAdmin can be externally accessed changing the critical roles like admin. // for eg: function grantAdminaddress...
Omise: Unauthorized Access - downgraded admin roles to none can still edit projects through brupsuite
hi team, I found that your site is vulnerable to Unauthorized Access lead to privilege escalation, where when the owner invites a user with admin roles, the user can still edit anything with admin access, via brupsuite, it should get an error message because the admin role has been removed...
PT-2022-13805 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 6.4.1 and earlier Description: The issue is related to improper privilege management in Mattermost, where an API fails to properly protect permissions. This allows authenticated members with restricted custom admin roles t...
CVE-2022-0550
Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an authenticated attacker with admin or report manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks...
CVE-2022-0551 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
Foundation Treasury initialize() function can be called by an attacker first
Lines of code Vulnerability details Impact In FoundationTreasury.sol the initialize function can only be called once setting the admin and operator roles which are used in other contracts. The problem is that this initialize function is not called in any deployment script which means an attacker...
Cross-site Scripting (XSS)
Overview s-cart/core is a free Laravel e-commerce for business. Affected versions of this package are vulnerable to Cross-site Scripting XSS which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the...
CVE-2022-23008
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software...
CVE-2020-36396
The CVE refers to LavaLite 5.8.0, specifically a stored XSS in the /admin/roles/role component. An authenticated attacker can inject arbitrary web scripts/HTML via the New parameter, enabling script execution in the context of the logged-in user. The provided connected documents confirm the vulne...
LavaLite 跨站脚本漏洞
Lavalite is an open source content management system developed using the Laravel framework. A stored cross-site scripting vulnerability exists in the /admin/roles/role component of LavaLite version 5.8.0, which can be exploited by an attacker to execute arbitrary Web script or HTML via the ""New"...
Authentication flaw
The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user including admin by just providing the related username, as well as create accounts with...
The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass
The plugin was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user including admin by just providing the related username, as well as create accounts with arbitrary roles, such as admin. These issues can be exploited even ...
openstack-keystone: Incorrect role assignment with federated Keystone
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service keystone. An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles...