2 matches found
CVE-2021-41325
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...
CVE-2014-2983
CVE-2014-2983 affects Drupal 6.x before 6.31 and 7.x before 7.27. The issue is an information disclosure where cached data from anonymous users is not properly isolated, potentially allowing remote anonymous users to access sensitive interim form input information in opportunistic scenarios via u...