37 matches found
CVE-2026-55077
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...
CVE-2026-55077
CVE-2026-55077 affects CodeR (github.com/coder/coder) prior to certain patched releases. The vulnerable endpoint is PUT /api/v2/users/{user}/password, which previously allowed a user-admin to reset an owner’s password because the permission set was limited to ActionUpdatePersonal and did not requ...
GHSA-29XF-69GQ-M9JX Coder: User-admin role can reset owner account password
Summary The PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's password. It also did not require the current password when an admin reset another user's password. Note: Exploitation requires the privileg...
Coder: User-admin role can reset owner account password
Summary The PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's password. It also did not require the current password when an admin reset another user's password. Note: Exploitation requires the privileg...
PT-2026-56067
Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.34.2 Coder versions prior to 2.33.8 Coder versions prior to 2.32.7 Coder versions prior to 2.29.17 Description An issue exists where the PUT /api/v2/users/user/password endpoint only authorized the ActionUpdatePersona...
CVE-2026-32991
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
EUVD-2026-32901
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the device owner's account by interacting with application's push notification. This issue was fixed in version 4.4.3...
PT-2026-42521
Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-party API calls billed to or rate-limited against the origin...
EUVD-2026-30205
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
CVE-2026-32991
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
CVE-2026-32991
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
CVE-2026-32991
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
CVE-2026-32991
CVE-2026-32991 arises from improper authorization checks of team member privileges in cPanel & WHM, enabling a team member to escalate to the team owner account. The PT Security entries consolidate multiple CVEs and indicate a patch will be released May 13, 1:00 PM EST, addressing CVE-2026-32991 ...
CVE-2026-32991
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...
cPanel 安全漏洞
cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has security vulnerabilities, which stem from improper permission authorization checks by team...
Exploit for CVE-2025-66849
CVE-2025-66849 Ghost CMS Privilege Escalation PoC Summar...
StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation
Summary The POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account. The handler verifies that the caller is an admin but does not enforce role hierarchy, nor doe...
GHSA-H7VR-CG25-JF8C StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation
Summary The POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account. The handler verifies that the caller is an admin but does not enforce role hierarchy, nor doe...
CVE-2026-32103 StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...
CVE-2026-32103 StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation
StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...