Lucene search
K

447 matches found

NVD
NVD
added 2017/08/29 3:29 p.m.20 views

CVE-2015-3657

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors...

7.2CVSS6.9AI score0.01134EPSS
Exploits0References2
CVE
CVE
added 2017/08/29 3:0 p.m.47 views

CVE-2015-3657

The CVE-2015-3657 entry concerns Aruba Networks ClearPass Policy Manager. Affected versions are CPPM before 6.4.7 and 6.5.x before 6.5.2. A remote attacker who is an authenticated lower‑level administrator can escalate to Super Admin privileges via unspecified vectors. The vulnerability is descri...

7.2CVSS6.8AI score0.01134EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/08/07 6:29 a.m.21 views

CVE-2017-6747

A vulnerability in the authentication module of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improper handling of authentication requests and policy assignment for externally authenticated users. An...

9.8CVSS9.4AI score0.05476EPSS
Exploits0References2
OSV
OSV
added 2017/08/07 6:29 a.m.3 views

CVE-2017-6747

A vulnerability in the authentication module of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improper handling of authentication requests and policy assignment for externally authenticated users. An...

9.8CVSS5.8AI score0.05476EPSS
Exploits0References2
CVE
CVE
added 2017/08/07 6:0 a.m.67 views

CVE-2017-6747

Cisco Identity Services Engine (ISE) and related appliances (ISE Express and ISE Virtual Appliance) are affected by CVE-2017-6747, a unauthenticated remote authentication bypass vulnerability in the authentication module. The issue arises from improper handling of authentication requests and poli...

9.8CVSS9.3AI score0.05476EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2017/08/03 12:0 a.m.31 views

Cisco Identity Services Engine Authentication Bypass Vulnerability (cisco-sa-20170802-ise)

A vulnerability in the authentication module of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to bypass local authentication. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

9.8CVSS8.6AI score0.05476EPSS
Exploits0References1
Cisco
Cisco
added 2017/08/02 4:0 p.m.41 views

Cisco Identity Services Engine Authentication Bypass Vulnerability

A vulnerability in the authentication module of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improper handling of authentication requests and policy assignment for externally authenticated users. An...

8.1CVSS9.6AI score0.05476EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/19 12:0 a.m.4 views

Cross-Site Scripting Vulnerability in LvyeCMS

LvyeCms 旅烨cms is a php content management system based on ThinkPHP. A cross-site scripting vulnerability exists in LvyeCMS. The vulnerability stems from the system not strictly filtering the backend parameters. An attacker can obtain super admin login privileges by constructing a specially crafte...

6.3AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.18 views

Mao10CMS user_register.php 添加超级管理员逻辑漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/10/05 2:59 p.m.17 views

CVE-2015-7685

GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the profilesid parameter to front/user.form.php...

4CVSS6.2AI score0.01674EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/10/05 2:59 p.m.27 views

CVE-2015-7685

GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the profilesid parameter to front/user.form.php...

4CVSS5.9AI score0.01674EPSS
Exploits0References4
OSV
OSV
added 2015/10/05 2:59 p.m.4 views

UBUNTU-CVE-2015-7685

GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the profilesid parameter to front/user.form.php...

4CVSS5.8AI score0.01674EPSS
Exploits0References5
CVE
CVE
added 2015/10/05 2:0 p.m.47 views

CVE-2015-7685

CVE-2015-7685 affects GLPI before 0.85.3. A remote authenticated user can escalate privileges by abusing the create user path and the _profiles_id parameter in front/user.form.php to create a super-admin account. The root cause is improper handling of permissions when creating users via that form...

4CVSS6.4AI score0.01674EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/10/05 2:0 p.m.24 views

CVE-2015-7685

GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the profilesid parameter to front/user.form.php...

6.2AI score0.01674EPSS
Exploits0References3
Mageia
Mageia
added 2015/05/11 8:10 p.m.14 views

Updated glpi packages fix a security vulnerability

Updated glpi package fixes security vulnerability: Any user who has the rights to create a new user can create a super-admin user...

1.3AI score
Exploits0References3
OSV
OSV
added 2015/05/11 8:10 p.m.3 views

MGASA-2015-0204 Updated glpi packages fix a security vulnerability

Updated glpi package fixes security vulnerability: Any user who has the rights to create a new user can create a super-admin user...

7.1AI score
Exploits0References4
Packet Storm
Packet Storm
added 2015/02/18 12:0 a.m.53 views

GLPI 0.85.2 Shell Upload / Privilege Escalation

Multiple vulnerabilities have been identified in GLPI http://www.glpi-project.org. 1/ Arbitrary file upload Severity: Important Versions Affected =========== All versions between 0.85 and 0.85.2 Description ======= When an user wants to create a new ticket, he has the possibility to add an...

0.7AI score
Exploits0
NVD
NVD
added 2014/08/18 11:15 a.m.24 views

CVE-2014-5240

Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...

2.1CVSS5.2AI score0.02196EPSS
Exploits0References4
OSV
OSV
added 2014/08/18 11:15 a.m.4 views

DEBIAN-CVE-2014-5240

Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...

2.1CVSS5.6AI score0.02196EPSS
Exploits0References1
OSV
OSV
added 2014/08/18 11:15 a.m.8 views

CVE-2014-5240

Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...

5.2AI score
Exploits0References5
Rows per page
Query Builder