Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2116
planetGallery allows remote malicious users to gain administrator privileges via a direct request to admin/gallery_admin.php.
Planet Concept Planetgallery
1 EDB exploit
NA
CVE-2011-4406
The Ubuntu AccountsService package prior to 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors.
Canonical Ubuntu Linux 11.10
Canonical Accountsservice
5.4
CVSSv3
CVE-2018-14850
Stored XSS vulnerabilities in Tiki prior to 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Tiki Tikiwiki Cms\\/groupware
NA
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
8.8
CVSSv3
CVE-2017-17103
Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges.
Fiyo Fiyo Cms 2.0.7
6.7
CVSSv3
CVE-2021-25270
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
Sophos Hitmanpro.alert
8.8
CVSSv3
CVE-2022-24255
Extensis Portfolio v4.0 exists to contain hardcoded credentials which allows malicious users to gain administrator privileges.
Extensis Portfolio 4.0
1 Github repository
8.8
CVSSv3
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
8.8
CVSSv3
CVE-2016-1597
A logged-in user in NetIQ Access Governance Suite 6.0 up to and including 6.4 could escalate privileges to administrator.
Netiq Access Governance Suite 6.0
Netiq Access Governance Suite 6.2
Netiq Access Governance Suite 6.4
Netiq Access Governance Suite 6.3
Netiq Access Governance Suite 6.1
7.2
CVSSv3
CVE-2021-28962
Stormshield Network Security (SNS) prior to 4.2.2 allows a read-only administrator to gain privileges via CLI commands.
Stormshield Network Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »