PT-2026-41943

Name of the Vulnerable Software and Affected Versions LalanaChami Pharmacy Management System version 5c3d028 Description Unauthenticated remote attackers can escalate privileges by self-assigning an administrative role during the registration process. This occurs because the '/api/user/signup'...

CVE-2025-58334

In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves...

iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation

iDS6 DSSPro Digital Signage System 6.2 Improper Access Control Privilege Escalation Vendor: Guangzhou Yeroo Tech Co., Ltd. Product web page: http://www.yerootech.com Affected version: V6.2 B2014.12.12.1220 V5.6 B2017.07.12.1757 V4.3 Summary: iDS6 Software's DSSPro network digital signage manageme...

CVE-2015-1498

Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to 1 enumerate user accounts via a getUsers request, 2 assign a role to a user account via an addAssigneesToRole request, 3 remove a role from a user account via a...

SA-CONTRIB-2010-045 - Auto Assign Role - Access bypass

The Auto Assign Role serves three primary purposes. The first is to provide an automatic assignment of roles when a new account is created. The second is to allow the end user the option of choosing their own role or roles when they create their account. The third is to provide paths that will...