153 matches found
usememos/memos vulnerable to improper authorization
usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Memos versions prior to 0.9.0 are vulnerable to improper authorization, which can allow a user to modify the nickname, username and email of other users without permission...
GHSA-VWG4-846X-F94V usememos/memos vulnerable to improper authorization
usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Memos versions prior to 0.9.0 are vulnerable to improper authorization, which can allow a user to modify the nickname, username and email of other users without permission...
A user can update information / password from other users
Description A user neither admin nor host can modify nickname, username and email from other users without permission, being a normal user. Steps to Reproduce 1. Login as user A here, called "ileana.maricel", HOST role. 2. In another browser login as user B called "ileana.mariceel", USER role. Co...
CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...
Carlo Gavazzi UWP SQL注入漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. Carlo Gavazzi UWP 3.0 suffers from a SQL injection vulnerability that can be exploited by a...
CVE-2021-39394
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add user accounts and modify user information...
Researchers Disclose Critical Flaws in Industrial Access Controllers from HID Mercury
As many as four zero-day security vulnerabilities have been disclosed in the HID Mercury access controller system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and loc...
GHSA-C273-C6VG-4PV5 Publify has Improper Access Controls
A low-privileged user can modify and delete admin articles by changing the value of the articleid parameter prior to 9.2.9...
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
Design/Logic Flaw
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
CVE-2022-27421
CVE-2022-27421 affects Chamilo LMS v1.11.13. The issue is a lack of validation on the user modification form, which allows an attacker to escalate privileges to Platform Admin. Affected component is the user modification flow; root cause is insufficient input validation. Impact per sources: privi...
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
PT-2022-18415 · Unknown · Chamilo Lms
Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.13 Description: The issue is related to a lack of validation on the user modification form, which allows attackers to escalate privileges to Platform Admin. Recommendations: For Chamilo LMS version 1.11.13, update to ...
CVE-2021-22023
The vRealize Operations Manager API 8.x prior to 8.5 has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover...
Authorization
The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site...
Securepoint SSL VPN Client Access Control Error Vulnerability
Securepoint SSL VPN Client is an open source SSL VPN client for Windows. An access control error vulnerability exists in Securepoint SSL VPN Client v2, which arises from a failure to secure the software's configuration features. An attacker can escalate local privileges to NT AUTHORITYSYSTEM to...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2...
Improper Access Control in idno/known
✍️ Description A logged in user can edit 'Public' or 'Members only' status of other users 🕵️♂️ Proof of Concept 1. Create a 'Public' or 'Members only' status update with a first user 2. Login with a second user and go to the root page e.g. http://yoursite/known where you can see the status of the...
CVE-2020-35722
CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a specially crafted link to the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...