Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-11196
An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthenticated, remote malicious users to gain administrator privileges via the Teachers Web Panel (TWP) User ID or Password field. If exploited, the attacke...
Vpcsbd Integrated University Management System
7.2
CVSSv3
CVE-2023-23470
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to p...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
Ibm I 7.5
NA
CVE-1999-1414
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
Ibm Netfinity Remote Control
1 EDB exploit
NA
CVE-2003-0426
The installation of Apple QuickTime / Darwin Streaming Server prior to 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote malicious users to set the administrator password and gain privileges before the real administrator.
Apple Darwin Streaming Server 4.1.3
4.8
CVSSv3
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
7.2
CVSSv3
CVE-2022-31007
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrato...
Elabftw Elabftw
NA
CVE-2001-1211
Ipswitch IMail 7.0.4 and previous versions allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that ...
Ipswitch Imail 6.4
Ipswitch Imail 7.0.2
Ipswitch Imail 7.0.1
Ipswitch Imail 6.1
Ipswitch Imail 6.3
Ipswitch Imail 7.0.4
Ipswitch Imail 6.2
Ipswitch Imail 7.0.3
4.9
CVSSv3
CVE-2020-23128
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Chamilo Chamilo Lms 1.11.10
5.4
CVSSv3
CVE-2018-7188
An XSS vulnerability (via an SVG image) in Tiki prior to 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
Tiki Tikiwiki Cms/groupware
5.4
CVSSv3
CVE-2017-15213
Stored XSS vulnerability in Flyspray prior to 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field to themes/CleanFS/templates/common.editallusers.tpl.
Flyspray Flyspray
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »