Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/11/21 4:38 p.m.9 views

CVE-2025-62730

SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with usermanageteam role are allowed to modify permissions of users. However, they are able to assign administrative permissions to any user including themselves. This allow a malicious authenticated attacker with this...

8.8CVSS7AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2025/11/20 4:16 p.m.6 views

CVE-2025-62730

SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with usermanageteam role are allowed to modify permissions of users. However, they are able to assign administrative permissions to any user including themselves. This allow a malicious authenticated attacker with this...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.10 views

PT-2025-47599

Name of the Vulnerable Software and Affected Versions SOPlanning versions prior to 1.55 Description SOPlanning has a flaw that allows privilege escalation through the user management tab. Users assigned the user manage team role can modify user permissions, including granting administrative...

8.8CVSS6.9AI score0.00261EPSS
Exploits0References8
CNVD
CNVD
added 2022/06/09 12:0 a.m.24 views

Online Fire Reporting System SQL Injection Vulnerability (CNVD-2022-55741)

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=teams/ manageteam...

7.2CVSS2.7AI score0.01971EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:16 p.m.2 views

CVE-2022-31980

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manageteam&id=...

7.2CVSS7.2AI score0.01971EPSS
Exploits1References2
OSV
OSV
added 2022/06/02 2:15 p.m.6 views

CVE-2022-31959

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manageteam.php?id=...

9.8CVSS5.8AI score0.01081EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Online Fire Reporting System SQL注入漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=teams/ manageteam...

7.2CVSS5.7AI score0.01971EPSS
Exploits1References2
OSV
OSV
added 2020/07/22 6:48 p.m.4 views

DRUPAL-CONTRIB-2020-028

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. It contains an "Apigee Edge Teams" submodule that provides shared app functionality by allowing developers to be organized into teams. The "Apigee Edge Teams" submodule has an information...

6.1AI score
Exploits0References1
Rows per page
Query Builder