SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with user_manage_team role are allowed to modify permissions of users. However, they are able to assign administrative pe
SOPlanning is vulnerable to Broken Access Control in /status endpoint. Due to lack of permission checks in Project Status functionality an authenticated attacker is able to add, edit and delete any st
Incorrect Privilege Assignment vulnerability in Saad Iqbal User Management user-management allows Privilege Escalation.This issue affects User Management: from n/a through <= 1.2.
Incorrect Privilege Assignment vulnerability in webxmedia Bulk Change Role bulk-role-change allows Privilege Escalation.This issue affects Bulk Change Role: from n/a through <= 1.1.
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers co
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields p
Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through <= 1.1
Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access t
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
A privilege escalation issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. A user assigned the A
A BOLA vulnerability in POST /admins allows a low privileged user to create a high privileged user (admin) in the system. This results in privilege escalation.
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to pe
Incorrect Privilege Assignment vulnerability in userplus UserPlus userplus allows Privilege Escalation.This issue affects UserPlus: from n/a through <= 2.0.
PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low-privileged user (Patient) can directly access the Administrator Dashboard and all sub-modules (e.g., Use
The ThreatSonar Anti-Ransomware from TeamT5 has a Privilege Escalation vulnerability, allowing remote attackers with intermediate privileges to escalate their privileges to highest administrator level
An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API due to the lack of access
Incorrect Privilege Assignment vulnerability in themexpo RS-Members rs-members allows Privilege Escalation.This issue affects RS-Members: from n/a through <= 1.0.3.
Incorrect Privilege Assignment vulnerability in Knowhalim KH Easy User Settings kh-easy-user-settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through <= 1.0.0.
Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ri
Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged
Page 1+ Next →