Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-11196
An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthenticated, remote malicious users to gain administrator privileges via the Teachers Web Panel (TWP) User ID or Password field. If exploited, the attacke...
Vpcsbd Integrated University Management System
8.8
CVSSv3
CVE-2021-1574
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote malicious user to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific f...
Cisco Business Process Automation
8.8
CVSSv3
CVE-2021-1576
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote malicious user to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific f...
Cisco Business Process Automation
4.8
CVSSv3
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
NA
CVE-2003-0426
The installation of Apple QuickTime / Darwin Streaming Server prior to 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote malicious users to set the administrator password and gain privileges before the real administrator.
Apple Darwin Streaming Server 4.1.3
NA
CVE-2001-1211
Ipswitch IMail 7.0.4 and previous versions allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that ...
Ipswitch Imail 6.4
Ipswitch Imail 7.0.2
Ipswitch Imail 7.0.1
Ipswitch Imail 6.1
Ipswitch Imail 6.3
Ipswitch Imail 7.0.4
Ipswitch Imail 6.2
Ipswitch Imail 7.0.3
7.2
CVSSv3
CVE-2022-31007
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrato...
Elabftw Elabftw
4.9
CVSSv3
CVE-2020-23128
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Chamilo Chamilo Lms 1.11.10
5.4
CVSSv3
CVE-2018-7188
An XSS vulnerability (via an SVG image) in Tiki prior to 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
Tiki Tikiwiki Cms/groupware
6.7
CVSSv3
CVE-2021-20079
Nessus versions 8.13.2 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »