VYPR
High severity8.8NVD Advisory· Published Apr 10, 2018· Updated Jun 17, 2026

CVE-2014-1946

CVE-2014-1946

Description

OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.