Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
NA

CVE-2024-0795

Published: 02/03/2024 Updated: 04/03/2024

Vulnerability Summary

If an attacked was given access to an instance with the admin or manager role there is no backend authentication that would prevent the attacked from creating a new user with an `admin` role and then be able to use this new account to have elevated privileges on the instance

Github Repositories

https://github.com/raltheo/raltheo

Hi there 👋 Hello, I'm Théo, I'm a french junior developer, passionate about security, I like to learn new things and work on projects! Various techs I use Cyber Security learning Root Me CVE See my Huntr Profile CVE-2023-5833 Admin account takeover CVE-2024-0763 Arbitrary Folder Delete CVE-2024-0795 Improper acces control / adm

References

CWE-284https://huntr.com/bounties/f69e3307-7b44-4776-ac60-2990990723echttps://github.com/mintplex-labs/anything-llm/commit/9a237db3d1f66cdbcf5079599258f5fb251c5564https://nvd.nist.govhttps://github.com/raltheo/raltheo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-33545CVE-2024-35725CVE-2024-32704overflowfile uploadCVE-2024-0230CVE-2024-32705CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook