إرسال #461120: ClassCMS V4.8 Improper Handling of Insufficient Permissions or Privilegesالمعلومات

عنوانClassCMS V4.8 Improper Handling of Insufficient Permissions or Privileges
الوصفA privilege escalation vulnerability exists in the model management module of Classcms. This allows accounts belonging to non-admin user groups to modify admin group users and change their group memberships to other user groups. If all users in the admin group are changed to other groups, the system will no longer have the ability to configure accounts for the admin group.
المصدر⚠️ https://github.com/Jack-Black-13/blob/blob/main/ClassCMS%20V4.8%20Vertical%20Privilege%20Escalation.md
المستخدم
 vulbox (UID 78949)
ارسال11/12/2024 03:30 PM (2 سنوات منذ)
الاعتدال16/12/2024 09:53 AM (5 days later)
الحالةتمت الموافقة
إدخال VulDB288535 [ClassCMS حتى 4.8 User Management Page admin?do=admin:user:editPost تجاوز الصلاحيات]
النقاط18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!