Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/11/27 7:10 p.m.8 views

CVE-2025-66028

OneUptime is a solution for monitoring and managing online services. Prior to version 8.0.5567, OneUptime is vulnerable to privilege escalation via Login Response Manipulation. During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying...

8.2CVSS7.2AI score0.00264EPSS
Exploits1References1
NVD
NVD
added 2025/11/26 7:15 p.m.11 views

CVE-2025-66028

OneUptime is a solution for monitoring and managing online services. Prior to version 8.0.5567, OneUptime is vulnerable to privilege escalation via Login Response Manipulation. During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying...

8.2CVSS0.00264EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/26 6:11 p.m.14 views

CVE-2025-66028 OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation

OneUptime is a solution for monitoring and managing online services. Prior to version 8.0.5567, OneUptime is vulnerable to privilege escalation via Login Response Manipulation. During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying...

6.9CVSS0.00264EPSS
Exploits1References2
OSV
OSV
added 2025/11/26 6:11 p.m.5 views

CVE-2025-66028 OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation

OneUptime is a solution for monitoring and managing online services. Prior to version 8.0.5567, OneUptime is vulnerable to privilege escalation via Login Response Manipulation. During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying...

6.9CVSS7.2AI score0.00264EPSS
Exploits1References4
OSV
OSV
added 2025/11/25 10:55 p.m.3 views

GHSA-675Q-66GF-GQG8 OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation

Summary During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying this parameter value from false to true, a user is able to gain access to the admin dashboard interface. However, despite accessing the admin panel, the user does not hav...

6.9CVSS6.9AI score0.00264EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/25 10:55 p.m.4 views

EUVD-2025-199657

OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation...

6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.12 views

PT-2025-48172

Name of the Vulnerable Software and Affected Versions OneUptime versions prior to 8.0.5567 Description OneUptime, a service monitoring solution, contains a flaw that allows for privilege escalation. By altering the isMasterAdmin parameter within the login response, an attacker can potentially gai...

8.2CVSS6.6AI score0.00264EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44282

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00583EPSS
Exploits0References1
Rows per page
Query Builder