Lucene search
K

9 matches found

NVD
NVD
added 2026/05/07 4:16 a.m.17 views

CVE-2026-41662

Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership contains this safety check, but the current code path bypasses...

5.2CVSS0.00285EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 2:59 a.m.6 views

CVE-2026-41662

Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership contains this safety check, but the current code path bypasses...

5.2CVSS5.8AI score0.00285EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2025/11/25 12:0 a.m.4 views

WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin unauthorized data modification vulnerability (CNVD-2025-30131)

WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin is a helpdesk and customer work order system plugin for WordPress websites designed to help businesses or individuals efficiently manage customer support requests. WordPress ELEX WordPress HelpDesk & Customer Ticketing System...

5.3CVSS6.9AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 1:30 p.m.8 views

USN-7564-1 samba vulnerability

It was discovered that Samba incorrectly handled certain group membership changes when using Kerberos authentication. A remote user could possibly use this issue to continue to access resources after being removed by an administrator...

4.9CVSS5.8AI score0.00595EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.5 views

SoftIron HyperCloud Security Vulnerability

SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud versions 1.0 through prior to 2.1 that stems from the presence of a mismanagement of privileges vulnerability. An attacker at the administrator level can exploit this...

4.4CVSS5AI score0.00236EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/23 12:0 a.m.14 views

Wordpress plugin Float menu cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the Wordpress plugin Float menu, which stems fr...

4.3CVSS6.6AI score0.00464EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/02/21 12:0 a.m.4 views

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the Wordpress plugin Float menu, which stems fr...

4.3CVSS5.5AI score0.00464EPSS
Exploits2References4
CNNVD
CNNVD
added 2021/11/11 12:0 a.m.5 views

Ec-cube 跨站请求伪造漏洞

EC-CUBE is an open source system for creating shopping websites. EC-CUBE versions 2.11.0 - 2.17.1 have a cross-site request forgery vulnerability in the administration interface. An attacker could exploit the vulnerability to remove administrators by tricking a user with administrative privileges...

6.5CVSS5.5AI score0.00533EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2017/10/05 12:0 a.m.7 views

The vulnerability of the microprogrammed logic controllers from Rockwell Automation, the Micrologix 1100 and Micrologix 1400, is related to deficiencies in access control. This allows a intruder to remove all administrators, thereby disabling additional functions of the device.

The vulnerability of the microprogrammed logic controllers from Rockwell Automation, the Micrologix 1100 and Micrologix 1400, is related to deficiencies in access control. Exploiting this vulnerability could allow a person with administrator privileges to remotely remove all administrators, there...

3.3CVSS5.8AI score0.02426EPSS
Exploits0References5
Rows per page
Query Builder