Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32818

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

6.5CVSS5.8AI score0.00226EPSS
Exploits1References1
OSV
OSV
added 2026/03/19 11:0 p.m.8 views

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

6.5CVSS5.8AI score0.00226EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/19 11:0 p.m.24 views

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

6.5CVSS0.00226EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:0 p.m.2 views

CVE-2026-32818

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

6.5CVSS5.7AI score0.00226EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 11:0 p.m.2 views

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

6.5CVSS5.8AI score0.00226EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/16 9:18 p.m.9 views

Admidio is Missing Authorization on Forum Topic and Post Deletion

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user with...

6.5CVSS5.9AI score0.00226EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.3 views

PT-2026-26173

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topic delete and post delete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user wit...

6.5CVSS6AI score0.00226EPSS
Exploits1References6
NVD
NVD
added 2023/11/02 10:15 p.m.36 views

CVE-2023-43194

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter...

5.3CVSS5.3AI score0.00505EPSS
Exploits1References2
OSV
OSV
added 2023/11/02 12:0 a.m.18 views

CVE-2023-43194

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter...

5.3CVSS7AI score0.00505EPSS
Exploits1References4
exploitpack
exploitpack
added 2008/01/06 12:0 a.m.36 views

PortalApp 4.0 - SQL Injection Cross-Site Scripting Authentication Bypass

PortalApp 4.0 - SQL Injection Cross-Site Scripting Authentication Bypass Title: PortalApp 4.0 Multiple vulnerabilities Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoodotcom Tehran - Iran Vendor: http://www.portalapp.com Vulnerable Version: 4.0, prior versions maybe vulnerabl...

1.2AI score
Exploits0
Rows per page
Query Builder