Lucene search
K

18 matches found

NVD
NVD
added yesterday6 views

CVE-2026-53645

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has...

8.5CVSS0.00031EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-53645

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has...

8.5CVSS6AI score0.00031EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added yesterday25 views

CVE-2026-53645 FOSSBilling's missing self-edit prevention in staff permission management allows persistent privilege escalation

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has...

8.5CVSS0.00031EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-53645

CVE-2026-53645 affects FOSSBilling prior to 0.8.0. A low-privileged staff member with staff.create_and_edit_staff can call /api/admin/staff/permissions_update to modify their own permissions, bypassing RBAC and enabling persistent privilege escalation. Version 0.8.0 patches the issue. Workarounds...

8.5CVSS6AI score0.00031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/11 1:22 a.m.4 views

CVE-2026-35477

InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PARTNAMEFORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed...

9.9CVSS6AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 7:27 p.m.5 views

EUVD-2026-20592

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions such as...

6.6CVSS6AI score0.00216EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31436

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions such as...

6.6CVSS6AI score0.00216EPSS
Exploits0References4
NVD
NVD
added 2026/03/20 11:16 p.m.9 views

CVE-2026-33423

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, staff can modify any user's group notification level. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No known workarounds are available...

5.3CVSS0.00198EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 7:23 a.m.8 views

CVE-2026-1704

CVE-2026-1704 affects the WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments (all versions up to and including 1.6.9.29). The root cause is Insecure Direct Object Reference via get_item_permissions_check, which grants access to the ssa_manage_appointments capability with...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/26 4:15 a.m.6 views

CVE-2026-27629

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...

8.8CVSS6AI score0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/25 2:48 a.m.6 views

CVE-2026-27629

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...

8.8CVSS6AI score0.00259EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/02/25 2:48 a.m.12 views

EUVD-2026-8602

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...

5.9CVSS6AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.7 views

CVAT.ai CVAT security vulnerability

CVAT.ai CVAT is an open-source data processing tool developed by CVAT.ai. Versions of CVAT.ai prior to 2.54.0 contained security vulnerabilities. These vulnerabilities stemmed from the ability for users in a staff status to freely change their own permissions, potentially leading to privilege...

8.8CVSS5.8AI score0.00255EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2010-0636

Malware in sbrugna...

7.5CVSS6.4AI score0.03048EPSS
Exploits1References6
CVE
CVE
added 2024/06/14 4:36 a.m.57 views

CVE-2024-1094

The CVE-2024-1094 entry concerns the Timetics WP Timetics- AI-powered Appointment Booking with Visual Seat Plan and Calendar Scheduling plugin for WordPress. Affected versions are all up to and including 1.0.21, with a missing capability check in make_staff() that allows unauthenticated users to ...

7.3CVSS5.9AI score0.00542EPSS
Exploits0References2
Hacker One
Hacker One
added 2023/01/03 12:12 p.m.11 views

Shopify: Non-store owners can transfer Shopify-managed domain to another domain provider

A vulnerability was found where Shopify staff members without the 'Transfer domain to another Shopify store' permission were able to transfer Shopify-managed domains to external domain providers. This allowed non-store owners to transfer store domains outside of Shopify's control...

7AI score
Exploits0
Hacker One
Hacker One
added 2017/07/29 9:6 a.m.23 views

Shopify: Removed staff members who had "Manage shops" permission can still create development stores

Details: It's been found that staff members of an organization in partners.shopify.com can have a permission to manage shops and those with that permission can create development stores that will be associated with the organization. When a staff member tries to create a development store, a POST...

0.3AI score
Exploits0
NVD
NVD
added 2010/02/11 5:30 p.m.13 views

CVE-2010-0605

SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter...

7.5CVSS8AI score0.03048EPSS
Exploits1References5
Rows per page
Query Builder