Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Versions of Admidio prior to 5.0.6 contained security vulnerabilities. These vulnerabilities...

CVE-2026-30927

Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...

EUVD-2026-10439

Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...

PT-2026-24152

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.6 Description Admidio is a user management solution. A flaw exists in the event participation logic within the modules/events/events function.php file. This allows any user permitted to participate in an event to...

Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter

Register unwilling users for events potential harassment/spam - Cancel other users' event participation - Manipulate event participant counts and comments - If events have participation limits, fill slots with unwanted registrations...