High severity8.8NVD Advisory· Published Apr 10, 2018· Updated Jun 17, 2026
CVE-2014-1946
CVE-2014-1946
Description
OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.
Affected products
2<=1.2.7+ 1 more
- (no CPE)range: <=1.2.7
- (no CPE)range: <=1.2.7
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/archive/1/531351/100/0/threadednvdExploitThird Party AdvisoryVDB Entry
- www.htbridge.com/advisory/HTB23202nvdExploitThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/91577nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.