Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2026/04/01 2:30 a.m.28 views

CVE-2026-5251 z-9527 admin User Update Endpoint user.js dynamically-determined object attributes

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...

6.5CVSS0.0006EPSS
Exploits0References4
OSV
OSVadded 2026/02/26 10:22 p.m.3 views

GHSA-5RMX-256W-8MJ9 WireGuard Portal is Vulnerable to Privilege Escalation via User Self-Update to Admin Level

Privilege Escalation to Admin via User Self-Update in wg-portal Summary Any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. After logging out and back in, the session picks up...

8.8CVSS5.6AI score0.00095EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2022/07/06 12:37 p.m.1 views

CVE-2022-30620

On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "isadmin", "showConfig". Administrative Privileges which allows changing various configuration in the camera...

8.8CVSS5.8AI score0.00368EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbountyadded 2021/11/20 7:54 p.m.6 views

is-admin-mp.nuvem.gov.br Cross Site Scripting vulnerability OBB-2277984

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSVadded 2020/01/28 5:15 p.m.0 views

UBUNTU-CVE-2020-8086

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...

9.8CVSS7.3AI score0.0067EPSS
Exploits0References6
Exploit DB
Exploit DBadded 2017/03/18 12:0 a.m.42 views

iFdate Social Dating Script 2.0 - SQL Injection

Exploit Title: iFdate Social Dating Script v2.0 - SQL Injection Google Dork: N/A Date: 18.03.2017 Vendor Homepage: http://turnkeycentral.com/ Software: http://turnkeycentral.com/scripts/social-dating-script/ Demo: http://demo.turnkeycentral.com/ifdate/index.php Version: 2.0 Tested on: Win7 x64,...

7.4AI score
Exploits0
Rows per page
Query Builder