5 matches found
CVE-2026-5251
A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...
CVE-2026-5251 z-9527 admin User Update Endpoint user.js dynamically-determined object attributes
A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...
admin 安全漏洞
admin is a chatroom software developed by z-9527 as an individual developer. Both the 1.0 and 2.0 versions of admin have security vulnerabilities. These vulnerabilities stem from incorrect operations with the parameter “isAdmin” in the file/server/routes/user.js, which may lead to the dynamic...
SUSE CVE-2015-7707
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp...
Code injection
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp...