CVE-2026-34381 Admidio: Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

PT-2026-29351

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.8 Description Admidio, a user management solution, allows attackers to bypass manual registration approval and potentially take over accounts. The create user, assign member, and assign user action modes in...