CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24674
https://notcve.org/view.php?id=CVE-2023-24674
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter. Una vulnerabilidad de Permisos encontrada en Bludit CMS v.4.0.0 permite a atacantes locales escalar privilegios a través del parámetro role:admin. • https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 https://medium.com/%40cupc4k3/privilege-scalation-in-bludit-cms-dcf86c41107 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31572
https://notcve.org/view.php?id=CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bludit/2023/Bludit-v4.0.0-Release-candidate-2 •