Improper authorization in Collabora KodExplorer up to version 4.52 allows remote unauthenticated attackers to bypass authentication via manipulation of the fileUpload parameter in the /app/controller/share.class.php endpoint, potentially enabling unauthorized file access or modification with low confidentiality, integrity, and availability impact. Publicly available exploit code exists; however, the attack requires high complexity and is described as difficult to execute in practice, limiting real-world exploitation despite public disclosure and vendor non-responsiveness.
Liangliangyy DjangoBlog up to version 2.1.0.0 contains hard-coded credentials in the SECRET_KEY parameter within djangoblog/settings.py, allowing remote unauthenticated attackers to bypass authentication and encrypt/decrypt sensitive session data. The vulnerability has been publicly disclosed with exploit code available on GitHub, though the vendor did not respond to early disclosure notification. With a CVSS score of 5.6 and AC:H rating, practical exploitation requires moderate technical effort but affects confidentiality, integrity, and availability.
Command injection in DjangoBlog WeChat Bot Interface allows authenticated remote attackers to execute arbitrary system commands by manipulating the Source argument in the CommandHandler function. Affected versions up to 2.1.0.0 are vulnerable. The exploit has been publicly disclosed on GitHub, and the vendor has not responded to early disclosure attempts. CVSS score of 6.3 reflects moderate severity with network-accessible attack vector requiring authentication.
Server-side request forgery in PHPEMS 11.0 allows authenticated remote attackers to manipulate the uploadfile parameter in the Instant Exam Creation Handler component, enabling SSRF attacks that can access internal resources or perform unauthorized requests from the server. The vulnerability affects the temppage function in /app/exam/controller/exams.master.php and has public exploit code available, though exploitation requires valid user credentials (PR:L).
Kodcloud KodExplorer up to version 4.52 contains an authorization bypass vulnerability in the roleGroupAction function that allows authenticated remote attackers to manipulate the group_role parameter and gain unauthorized access to sensitive information and system modification capabilities. The vulnerability has a CVSS score of 6.3 with public exploit code available, and the vendor has not responded to early disclosure notifications, leaving deployed instances without official patching options.
Improper authorization in EMQ EMQX Enterprise 6.0-6.1.0 allows authenticated remote attackers to trigger a denial-of-service condition via unspecified manipulation of the Session Handling component. CVSS 4.3 with attack vector AV:N/AC:L/PR:L reflects network-exploitable impact limited to availability; publicly available exploit code exists but active exploitation has not been confirmed by CISA KEV. The vendor has not responded to early disclosure notification.
Authorization bypass in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated users to modify arbitrary organizations by manipulating the organisation_id parameter in the Organisation Update Endpoint, causing integrity and availability impact. Remote exploitation requires valid credentials and is limited to authenticated users (CVSS PR:L), but publicly available exploit code exists and the vendor has not responded to disclosure.
Authorization bypass in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated remote attackers to modify user accounts by manipulating the user_id parameter in the User Update Endpoint (superagi/controllers/user.py), enabling unauthorized data modification and availability impact. Publicly available exploit code exists; the vendor has not responded to disclosure efforts.
Authorization bypass in TransformerOptimus SuperAGI API Key Management allows authenticated users to delete or edit arbitrary API keys beyond their own permissions, affecting versions up to 0.0.14. The vulnerability exists in the delete_api_key and edit_api_key endpoints and enables authenticated attackers to manipulate other users' credentials remotely with low complexity. Publicly available exploit code exists, and the vendor has not responded to early disclosure.
Remote authorization bypass in KodCloud KodExplorer up to version 4.52 allows high-privileged authenticated attackers to manipulate the path argument in the initInstall function (/app/controller/systemMember.class.php), resulting in integrity compromise. The exploit code is publicly available, and the vendor has not responded to early disclosure notifications, leaving deployed instances vulnerable without official remediation guidance.
EyouCMS versions up to 1.7.1 allow high-privileged attackers to upload arbitrary files via manipulation of the filename parameter in the edit_adminlogo function, leading to information disclosure and potential code execution. The vulnerability requires authenticated admin access and is publicly exploitable with proof-of-concept code available on GitHub; the vendor has not responded to disclosure attempts.