5 matches found
CVE-2021-37394
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration...
CVE-2021-37394
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration...
CVE-2021-37394
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration...
CVE-2021-37394
RPCMS (v1.8 and earlier) contains an API-level flaw that allows attackers to alter the user role parameter to admin via the API, enabling admin account registration. The connected sources consistently describe this as a role-parameter manipulation vulnerability affecting RPCMS v1.8 and below, lea...
CVE-2021-37394
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration...