3 matches found
CVE-2026-0871 Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators
A flaw was found in Keycloak. An administrator with manage-users permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the syste...
EUVD-2018-12793
Malware in sbrugna...
ScriptAndTools Online-Travling-System 安全漏洞
ScriptAndTools Online-Travling-System is an online travelling system from ScriptAndTools, Inc. A security vulnerability exists in ScriptAndTools Online-Travling-System version 1.0 that stems from improper access control in the /admin/addadvertisement.php file, which could lead to bypassing the...