Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows malicious users to escalate privileges to Super Administrator.
Lin-cms Project Lin-cms 0.2.1
1 Github repository
NA
CVE-2023-32764
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.
Fabasoft Cloud -
Fabasoft Cloud Enterprise Client 23.3.0.130
Fabasoft Folio \\/ Egov-suite 2021
Fabasoft Folio \\/ Egov-suite 2022
Fabasoft Folio \\/ Egov-suite 2023
320
VMScore
CVE-2011-4406
The Ubuntu AccountsService package prior to 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors.
Canonical Ubuntu Linux 11.10
Canonical Accountsservice
755
VMScore
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
578
VMScore
CVE-2017-17103
Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges.
Fiyo Fiyo Cms 2.0.7
801
VMScore
CVE-2022-24255
Extensis Portfolio v4.0 exists to contain hardcoded credentials which allows malicious users to gain administrator privileges.
Extensis Portfolio 4.0
1 Github repository
641
VMScore
CVE-2021-25270
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Sophos Hitmanpro.alert
578
VMScore
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
605
VMScore
CVE-2017-17056
The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the old_password, new_password1, and new_password2 parameters to the /acco...
Zkteco Zktime Web 2.0.1.12280
187
VMScore
CVE-2020-5362
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to rest...
Dell Chengming 3967 Firmware
Dell Chengming 3977 Firmware
Dell Chengming 3980 Firmware
Dell Chengming 3988 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G3 15 3500 Firmware
Dell G3 15 3590 Firmware
Dell G3 3579 Firmware
Dell G3 3779 Firmware
Dell G5 15 5500 Firmware
Dell G5 15 5590 Firmware
Dell G5 5587 Firmware
Dell G7 15 7590 Firmware
Dell G7 17 7790 Firmware
Dell G7 7588 Firmware
Dell Embedded Box Pc 5000 Firmware
Dell G5 5090 Firmware
Dell Inspiron 11 2-in-1 3153 Firmware
Dell Inspiron 11 2-in-1 3158 Firmware
Dell Inspiron 13 7370 Firmware
Dell Inspiron 13 2-in-1 5368 Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »