Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2021-20079
Nessus versions 8.13.2 and previous versions were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host.
Tenable Nessus
5.4
CVSSv3
CVE-2017-15213
Stored XSS vulnerability in Flyspray prior to 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field to themes/CleanFS/templates/common.editallusers.tpl.
Flyspray Flyspray
8.8
CVSSv3
CVE-2020-9456
In the RegistrationMagic plugin up to and including 4.6.0.3 for WordPress, the user controller allows remote authenticated users (with minimal privileges) to elevate their privileges to administrator via class_rm_user_controller.php rm_user_edit.
Metagauss Registrationmagic
7.8
CVSSv3
CVE-2023-25011
PC settings tool Ver10.1.26.0 and previous versions, PC settings tool Ver11.0.22.0 and previous versions allows a malicious user to write to the registry as administrator privileges with standard user privileges.
Nec Pc Settings Tool
NA
CVE-2004-1652
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges.
Brickhost Phpscheduleit 1.0
4.8
CVSSv3
CVE-2022-1027
The Page Restriction WordPress (WP) WordPress plugin prior to 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users.
Minioragne Page Restriction
7.2
CVSSv3
CVE-2023-30459
SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).
Smartptt Smartptt Scada 1.1
1 Github repository
7.8
CVSSv3
CVE-2023-32764
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.
Fabasoft Cloud -
Fabasoft Cloud Enterprise Client 23.3.0.130
Fabasoft Folio \\/ Egov-suite 2021
Fabasoft Folio \\/ Egov-suite 2022
Fabasoft Folio \\/ Egov-suite 2023
6.6
CVSSv3
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows malicious users to escalate privileges to Super Administrator.
Lin-cms Project Lin-cms 0.2.1
1 Github repository
7.8
CVSSv3
CVE-2015-4596
Lenovo Mouse Suite prior to 6.73 allows local users to run arbitrary code with administrator privileges.
Lenovo Mouse Suite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »