Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2116
planetGallery allows remote malicious users to gain administrator privileges via a direct request to admin/gallery_admin.php.
Planet Concept Planetgallery
1 EDB exploit
7.8
CVSSv3
CVE-2015-4596
Lenovo Mouse Suite prior to 6.73 allows local users to run arbitrary code with administrator privileges.
Lenovo Mouse Suite
NA
CVE-2011-4406
The Ubuntu AccountsService package prior to 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors.
Canonical Accountsservice
Canonical Ubuntu Linux 11.10
5.4
CVSSv3
CVE-2018-14850
Stored XSS vulnerabilities in Tiki prior to 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Tiki Tikiwiki Cms/groupware
8.8
CVSSv3
CVE-2017-17103
Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges.
Fiyo Fiyo Cms 2.0.7
NA
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
8.8
CVSSv3
CVE-2022-24255
Extensis Portfolio v4.0 exists to contain hardcoded credentials which allows malicious users to gain administrator privileges.
Extensis Portfolio 4.0
1 Github repository
6.7
CVSSv3
CVE-2021-25270
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Sophos Hitmanpro.alert
8.8
CVSSv3
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
8.8
CVSSv3
CVE-2016-1597
A logged-in user in NetIQ Access Governance Suite 6.0 up to and including 6.4 could escalate privileges to administrator.
Netiq Access Governance Suite 6.0
Netiq Access Governance Suite 6.2
Netiq Access Governance Suite 6.4
Netiq Access Governance Suite 6.3
Netiq Access Governance Suite 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »