6 matches found
CVE-2023-39846
An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token...
Cross site request forgery (csrf)
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request...
CVE-2023-26987
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request...
CVE-2021-42192
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...
KONGA 0.14.9 Privilege Escalation
Exploit Title: KONGA 0.14.9 - Privilege Escalation Date: 10/11/2021 Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux -...
KONGA 0.14.9 - Privilege Escalation Exploit
Exploit Title: KONGA 0.14.9 - Privilege Escalation Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux - Ubuntu 20.04.3 LTS...