3 matches found
PT-2026-54050
Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.5 Description An issue exists in the updatePermissions function within the GroupController that allows administrators with GROUP EDIT privileges to grant arbitrary rights to groups without verifying if they posse...
CVE-2019-2200
In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
CVE-2019-2200
In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...