Lucene search
+L

461 matches found

NVD
NVD
added yesterday5 views

CVE-2026-62233

grav-plugin-api before 1.0.6 fails to validate super-admin status in createApiKey, generate2fa, and disable2fa endpoints, allowing non-super api.users.write managers to escalate to super-admin. Attackers can mint API keys bound to super-admin accounts or strip 2FA from super-admin users to achiev...

8.8CVSS0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday18 views

CVE-2026-62233 grav-plugin-api < 1.0.6 Privilege Escalation via createApiKey

grav-plugin-api before 1.0.6 fails to validate super-admin status in createApiKey, generate2fa, and disable2fa endpoints, allowing non-super api.users.write managers to escalate to super-admin. Attackers can mint API keys bound to super-admin accounts or strip 2FA from super-admin users to achiev...

8.8CVSS0.00246EPSS
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2026-62233

CVE-2026-62233 affects grav-plugin-api prior to 1.0.6. The issue: createApiKey, generate2fa, and disable2fa endpoints fail to validate super-admin status, allowing non-super api.users.write managers to escalate to super-admin. As described, attackers can mint API keys bound to super-admin account...

8.8CVSS6.1AI score0.00246EPSS
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-45121

grav-plugin-api before 1.0.6 fails to validate super-admin status in createApiKey, generate2fa, and disable2fa endpoints, allowing non-super api.users.write managers to escalate to super-admin. Attackers can mint API keys bound to super-admin accounts or strip 2FA from super-admin users to achiev...

8.8CVSS6.1AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-57996 phpMyFAQ - Privilege Escalation via Missing SuperAdmin Guard in user/add Endpoint

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in the user/add API endpoint that allows non-SuperAdmin administrators to create SuperAdmin accounts. A delegated administrator with USERADD/EDIT/DELETE permissions can call POST /admin/api/user/add with isSuperAdmin: true and...

8.8CVSS0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-56241 Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS0.00211EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-43224

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS6.1AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 2026/07/10 7:45 p.m.6 views

CVE-2026-55481 Snipe-IT: CSS Injection via `header_color` Setting

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, default.blade.php renders headercolor and related branding color settings inside a CSS style block with HTML escaping that is insufficient for the CSS context, allowing a superadmin to inject arbitrary CSS that affects authenticat...

6.2CVSS6.2AI score0.00236EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/08 1:49 p.m.5 views

EUVD-2026-42266

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS6AI score0.00271EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/21 1:26 p.m.31 views

CVE-2026-56251 Capgo - Privilege Escalation via Broken Row Level Security in org_users

Capgo before 12.128.2 contains a broken row level security policy in the orgusers table that allows authenticated users to elevate privileges from admin to superadmin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized superadmin access and compromise system security...

7CVSS0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/21 1:26 p.m.8 views

EUVD-2026-38168

Capgo before 12.128.2 contains a broken row level security policy in the orgusers table that allows authenticated users to elevate privileges from admin to superadmin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized superadmin access and compromise system security...

7CVSS5.8AI score0.00246EPSS
Exploits0References2
OSV
OSV
added 2026/06/21 1:26 p.m.3 views

CVE-2026-56251 Capgo - Privilege Escalation via Broken Row Level Security in org_users

Capgo before 12.128.2 contains a broken row level security policy in the orgusers table that allows authenticated users to elevate privileges from admin to superadmin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized superadmin access and compromise system security...

7CVSS6AI score0.00246EPSS
Exploits0References4
CVE
CVE
added 2026/06/21 1:26 p.m.18 views

CVE-2026-56251

Capgo before 12.128.2 contains a broken row-level security policy in the org_users table that can let authenticated users elevate privileges from admin to super_admin due to insufficient RLS enforcement, enabling unauthorized super_admin access and system compromise. The issue is documented with ...

7CVSS5.8AI score0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.22 views

PT-2026-51222

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A broken row level security RLS policy in the org users table allows authenticated users to elevate their privileges from admin to super admin. This insufficient RLS enforcement enables attackers to...

7CVSS5.9AI score0.00246EPSS
Exploits0References7
NVD
NVD
added 2026/06/19 10:16 p.m.21 views

CVE-2026-56080

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...

6.9CVSS0.00299EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.13 views

CVE-2026-10070

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

5.8CVSS5.2AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 4:15 p.m.40 views

CVE-2026-10070 macrozheng mall Super Admin Password update improper authorization

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

5.8CVSS0.00218EPSS
Exploits0References5
CVE
CVE
added 2026/05/29 4:15 p.m.21 views

CVE-2026-10070

CVE-2026-10070 affects macrozheng mall up to version 1.0.3, specifically the Super Admin Password Handler in the /admin/update/ path. The root cause is improper authorization when performing a manipulation, enabling remote exploitation. The description notes that exploitation is possible remotely...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 4:15 p.m.3 views

CVE-2026-10070 macrozheng mall Super Admin Password update improper authorization

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

5.1CVSS5.7AI score0.00218EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.24 views

PT-2026-44921

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References6
Rows per page
Query Builder