Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-11196
An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthenticated, remote malicious users to gain administrator privileges via the Teachers Web Panel (TWP) User ID or Password field. If exploited, the attacke...
Vpcsbd Integrated University Management System
9
CVSSv2
CVE-2021-1574
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote malicious user to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific f...
Cisco Business Process Automation
4
CVSSv2
CVE-2021-1576
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote malicious user to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific f...
Cisco Business Process Automation
10
CVSSv2
CVE-2003-0426
The installation of Apple QuickTime / Darwin Streaming Server prior to 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote malicious users to set the administrator password and gain privileges before the real administrator.
Apple Darwin Streaming Server 4.1.3
NA
CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and previous versions) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Ui Unifi Network Application
7.5
CVSSv2
CVE-2001-1211
Ipswitch IMail 7.0.4 and previous versions allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that ...
Ipswitch Imail 6.2
Ipswitch Imail 6.3
Ipswitch Imail 6.4
Ipswitch Imail 7.0.1
Ipswitch Imail 7.0.2
Ipswitch Imail 7.0.3
Ipswitch Imail 6.1
Ipswitch Imail 7.0.4
6.5
CVSSv2
CVE-2022-31007
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrato...
Elabftw Elabftw
4
CVSSv2
CVE-2020-23128
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Chamilo Chamilo Lms 1.11.10
3.5
CVSSv2
CVE-2018-7188
An XSS vulnerability (via an SVG image) in Tiki prior to 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
Tiki Tikiwiki Cms\\/groupware
3.6
CVSSv2
CVE-2011-4406
The Ubuntu AccountsService package prior to 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors.
Canonical Ubuntu Linux 11.10
Canonical Accountsservice
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »