Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/04/02 10:55 p.m.6 views

CVE-2026-34570

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deleted. Due to a logic flaw in the backend...

8.8CVSS5.8AI score0.00502EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/09 6:51 p.m.2 views

CVE-2026-3638

Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...

5.9CVSS5.8AI score0.00177EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.9 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.11.0 contained security vulnerabilities. These vulnerabilities were due to...

5.9CVSS5.8AI score0.00177EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.4 views

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

6.5CVSS5.9AI score0.00338EPSS
Exploits1References1
OSV
OSV
added 2024/08/23 9:30 p.m.14 views

GHSA-JG95-R9XH-XW9C Mage AI incorrectly gives privileges to users with deleted accounts

Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server...

7.3CVSS7.4AI score0.00467EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/08/23 9:30 p.m.31 views

Mage AI incorrectly gives privileges to users with deleted accounts

Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server...

8.8CVSS7.7AI score0.00467EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/06/12 9:15 p.m.4 views

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts...

6.5CVSS5.8AI score0.00338EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2021/10/06 5:46 p.m.61 views

Deleted Admin Can Sign In to Admin Interface

Impact Assuming an administrator once had previous access to the admin interface, they may still be able to sign in to the backend using October CMS v2.0. Patches The issue has been patched in v2.1.12 Workarounds - Reset the password of the deleted accounts to prevent them from signing in. - Plea...

7.2CVSS1.7AI score0.01056EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2021/10/06 5:46 p.m.21 views

GHSA-6GJF-7W99-J7X7 Deleted Admin Can Sign In to Admin Interface

Impact Assuming an administrator once had previous access to the admin interface, they may still be able to sign in to the backend using October CMS v2.0. Patches The issue has been patched in v2.1.12 Workarounds - Reset the password of the deleted accounts to prevent them from signing in. - Plea...

7.2CVSS7.1AI score0.01056EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2016/11/13 8:50 p.m.13 views

Over 300 Million AdultFriendFinder Accounts Exposed in Massive Data Breach

Adult Friend Finder, a casual dating website with the tagline "hookup, find sex or meet someone hot now," has suffered another massive data breach, but this time it is much worse than the last year. Over 300 Million AdultFriendFinder accounts have reportedly been exposed in a massive data breach...

6.6AI score
Exploits0
Rows per page
Query Builder