Galette 安全漏洞

Galette is a Galette open source membership management web application for non-profit organizations. A security vulnerability exists in Galette version 1.1.4 through versions prior to 1.2.0, which stems from the possibility that group administrators may bypass restrictions on contributions and...

Incorrect Authorization

Overview edu.internet2.middleware.grouper:grouper is an Internet2 Groups Management Toolkit Affected versions of this package are vulnerable to Incorrect Authorization via improper job scheduling in the loader jobs configuration process. A group administrator who is not a member of the Grouper...

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

PT-2025-38504

Name of the Vulnerable Software and Affected Versions Internet2 Grouper versions 5.17.1 through 5.20.4 Description Group administrators who are not also Grouper system administrators can configure loader jobs. Recommendations Update to a version prior to 5.17.1 or after 5.20.5...

CVE-2023-6218

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

CVE-2023-6218

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

Privilege escalation

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

CVE-2023-6218 MOVEit Transfer Group Admin Privilege Escalation

In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...

CVE-2023-6218

MOVEit Transfer CVE-2023-6218 describes an elevation-of-privilege vulnerability where a group administrator can upgrade a group member to organization administrator. Affected products/versions are MOVEit Transfer prior to 2022.0.9 (14.0.9), prior to 2022.1.10 (14.1.10), and prior to 2023.0.7 (15....

Common SQL Server 2 0 0 0 vulnerability and its associated use-vulnerability warning-the black bar safety net

A, empty or weak password Beginners in the SQL Server installation in order to save, the SQL Server Administrator sa is empty or weak password, so the danger is very great, and these dangerous often beginners are not aware of, the little King feel that their library is test data, nothing with, ev...