CVSS: 8.8EPSS: 0%CPEs: -EXPL: 1CVE-2023-49982
https://notcve.org/view.php?id=CVE-2023-49982
Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts. • https://github.com/geraldoalcantara/CVE-2023-49982 https://www.sourcecodester.com/php/15697/school-fees-management-system-project-php-and-codeigniter-free-source-code.html • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-27764
https://notcve.org/view.php?id=CVE-2024-27764
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component. • https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90 • CWE-27: Path Traversal: 'dir/../.. •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43318 – TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-43318
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. ... TP-Link JetStream Smart Switch TL-SG2210P version 5.0 build 20211201 suffers from a privilege escalation vulnerability. • https://github.com/str2ver/CVE-2023-43318 https://github.com/str2ver/CVE-2023-43318/tree/main https://seclists.org/fulldisclosure/2024/Mar/9 • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-20037
https://notcve.org/view.php?id=CVE-2024-20037
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-20034
https://notcve.org/view.php?id=CVE-2024-20034
In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-20: Improper Input Validation •