31 matches found

Veracode (added 2026/05/16 5:48 a.m., 8 views)

Improper Access Control

getgrav/grav-plugin-api is vulnerable to Improper Access Control. The vulnerability is due to an insecure direct object reference and flawed permission update logic in UsersController::update, which allows an attacker to escalate privileges to Super Administrator and gain full system access...

CVSS 8.8 · AI score 5.8 · EPSS 0.00046
Exploits: 1 · References: 4 · Affected Software: 1
Vulnrichment (added 2026/05/11 3:54 p.m., 5 views)

CVE-2026-42843 grav-plugin-api: Grav API Privilege Escalation to Super Admin

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

CVSS 8.8 · AI score 5.8 · EPSS 0.00046
Exploits: 1 · References: 1
Github Security Blog (added 2026/05/05 9:20 p.m., 5 views)

Grav API Privilege Escalation to Super Admin

Summary: An insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any authenticated user with basic API access (api.access) to modify their own permission configuration. An attacker can exploit this to escalate their privileges to Super Administrator...

CVSS 8.8 · AI score 5.9 · EPSS 0.00046
Exploits: 1 · References: 4 · Affected Software: 1
Positive Technologies (added 2026/05/05 12:00 a.m., 4 views)

PT-2026-37282

Name of the Vulnerable Software and Affected Versions: Grav API Plugin versions prior to 1.0.0-beta.15. Description: An insecure direct object reference and logic flaw in the update function of the UsersController allows any authenticated user with basic api.access permissions to modify their own...

CVSS 8.8 · AI score 6.5 · EPSS 0.00046
Exploits: 1 · References: 7
Anthropic (added 2026/03/29 8:43 p.m., 3 views)

ANT-2026-ZQ8AY22X · CraftCMS · privilege-escalation

privilege-escalation · high · GHSA-cc7p-2j3x-x7xf. Severity: Claude high; Security research firm -; Maintainer high. Discovered by Claude Mythos Preview. REPORT: The report below was sent to the maintainer and sealed at approval. ANT-2026-ZQ8AY22X: Privilege Escalation/Bypass through...

AI score 6
Exploits: 0
CVE (added 2026/03/16 7:04 p.m., 14 views)

CVE-2026-32267

Craft CMS vulnerable to privilege escalation via UsersController->actionImpersonateWithToken. From 4.0.0-RC1 up to 4.17.5 and 5.0.0-RC1 up to 5.9.11, a low-privilege or unauthenticated user with a shared URL can escalate to admin. Patch versions: 4.17.6 and 5.9.12. CVSS 4.0 base score 9.2 (CRI...

CVSS 9.8 · AI score 5.7 · EPSS 0.00046
Exploits: 1 · References: 2 · Affected Software: 1
EUVD (added 2026/03/16 6:44 p.m., 1 view)

EUVD-2026-12508

Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken...

CVSS 9.2 · AI score 5.8 · EPSS 0.00046
Exploits: 1 · References: 2
EUVD (added 2025/11/28 12:00 a.m., 2 views)

EUVD-2025-199868

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying roleid or organisationid fields in the edit request...

CVSS 9.4 · AI score 6.5 · EPSS 0.00052
Exploits: 0 · References: 4
Cvelist (added 2025/11/28 12:00 a.m., 3 views)

CVE-2025-66385

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying roleid or organisationid fields in the edit request...

CVSS 9.4 · EPSS 0.00052
Exploits: 0 · References: 3
RedhatCVE (added 2025/09/23 5:25 a.m., 2 views)

CVE-2025-10762

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploi...

CVSS 6.5 · AI score 6.9 · EPSS 0.00033
Exploits: 0 · References: 1
Vulnrichment (added 2025/09/21 4:32 a.m., 2 views)

CVE-2025-10762 kuaifan DooTask UsersController.php sql injection

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploi...

CVSS 6.5 · AI score 6.7 · EPSS 0.00033
Exploits: 0 · References: 5
CVE (added 2025/09/21 4:32 a.m., 12 views)

CVE-2025-10762

CVE-2025-10762 affects kuaifan DooTask up to version 1.2.49, specifically the file app/Http/Controllers/Api/UsersController.php. The issue arises from manipulation of the argument keys[department], causing an SQL injection. The vulnerability is exploitable remotely and the exploit has been made p...

CVSS 6.5 · AI score 6.4 · EPSS 0.00033
Exploits: 0 · References: 5
CNNVD (added 2025/09/21 12:00 a.m., 1 view)

DooTask SQL Injection Vulnerability

DooTask is a task management tool by the individual developer kuaifan. A SQL injection vulnerability exists in DooTask 1.2.49 and earlier versions, which stems from incorrect manipulation of the parameter keys[department] in the file app/Http/Controllers/Api/UsersController.php, which could lead to a...

CVSS 6.5 · AI score 6.8 · EPSS 0.00033
Exploits: 0 · References: 6
Positive Technologies (added 2025/09/21 12:00 a.m., 6 views)

PT-2025-38657

Name of the Vulnerable Software and Affected Versions: kuaifan DooTask versions through 1.2.49. Description: A vulnerability exists in kuaifan DooTask up to version 1.2.49, specifically within the file app/Http/Controllers/Api/UsersController.php. Manipulation of the keys[department] argument results ...

CVSS 6.5 · AI score 6.4 · EPSS 0.00033
Exploits: 0 · References: 7
RedhatCVE (added 2025/05/23 9:23 a.m., 1 view)

CVE-2024-3365

A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely...

CVSS 5.4 · AI score 5.9 · EPSS 0.0007
Exploits: 1 · References: 1
OSV (added 2025/03/14 1:15 p.m., 0 views)

CVE-2025-2304

A Privilege Escalation through a Mass Assignment exists in Camaleon CMS. When a user wishes to change his password, the 'updatedajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without a...

CVSS 9.4 · AI score 5.8
Exploits: 0 · References: 2
Positive Technologies (added 2025/03/14 12:00 a.m., 2 views)

PT-2025-11259

Name of the Vulnerable Software and Affected Versions: Camaleon CMS, affected versions not specified. Description: A Privilege Escalation through a Mass Assignment exists in the software. The issue arises when a user attempts to change their password, triggering the 'updated ajax' method of the...

CVSS 9.4 · AI score 5.8 · EPSS 0.00206
Exploits: 15 · References: 17
Positive Technologies (added 2024/11/11 12:00 a.m., 1 view)

PT-2024-33080 · Run.Codes · Run.Codes

Name of the Vulnerable Software and Affected Versions: Run.codes versions 1.5.2 and older. Description: The issue is related to a reset password race condition in the UsersController.php file. This condition can be problematic and poses a risk. There is no information provided about the estimated...

CVSS 8.1 · AI score 7 · EPSS 0.13644
Exploits: 0 · References: 9
CNNVD (added 2024/11/11 12:00 a.m., 1 view)

run.codes Security Vulnerability

run.codes is server software from the run.codes open source project. A security vulnerability exists in run.codes version 1.5.2 and earlier, which stems from a Reset Password Contest Condition vulnerability in the file UsersController.php...

CVSS 8.1 · AI score 6.7 · EPSS 0.13644
Exploits: 0 · References: 1
OSV (added 2022/12/01 1:15 p.m., 1 view)

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

CVSS 9.8 · AI score 6.1
Exploits: 0 · References: 2