Vendor CVEs
Admidio
All CVEs
55 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6492 | Admidio / Admidio | High | 0.47 | 7.2 | 0.01 | — | Mar 5, 2017 | SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization. |
| CVE-2026-41670 | Admidio / Admidio | High | 0.46 | 8.2 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without… |
| CVE-2026-41669 | Admidio / Admidio | High | 0.46 | 8.2 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature() method at both call sites (handleSSORequest() line 418 and handleSLORequest() line 613). The method… |
| CVE-2026-34381 | Admidio / Admidio | High | 0.42 | 7.5 | 0.01 | — | Mar 31, 2026 | Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on adm_my_files/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes… |
| CVE-2026-41660 | Admidio / Admidio | High | 0.39 | 7.1 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including… |
| CVE-2026-47231 | Admidio / Admidio | High | 0.38 | — | 0.00 | — | May 29, 2026 | `modules/documents-files.php` gates state-changing modes by checking that the actor has `hasUploadRight()` on the URL parameter `folder_uuid`. The `move_save` handler then operates on a *separate* URL parameter `file_uuid` and calls… |
| CVE-2026-42194 | Admidio / Admidio | Medium | 0.37 | 6.8 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address but passes the original hostname-based URL to curl_init(), leaving a DNS rebinding TOCTOU window that allows… |
| CVE-2026-41671 | Admidio / Admidio | Medium | 0.37 | 6.8 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint (/modules/sso/index.php/oidc/introspect) always returns {"active": true} for every request, regardless of whether a valid token is provided, whether the token is… |
| CVE-2026-41658 | Admidio / Admidio | Medium | 0.35 | 6.5 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio inventory module enforces authorization for destructive operations (delete, retire, reinstate) only in the UI layer by conditionally rendering buttons. The backend POST handlers at… |
| CVE-2026-41655 | Admidio / Admidio | Medium | 0.35 | 6.5 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the ecard_preview.php endpoint does not validate that the ecard_template POST parameter is a safe filename before passing it to ECard::getEcardTemplate(). An authenticated user can supply a path… |
| CVE-2026-41661 | Admidio / Admidio | Medium | 0.33 | 6.1 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, an unauthenticated attacker can execute arbitrary JavaScript in any Admidio user's browser through a reflected XSS in system/msg_window.php. The endpoint passes user input through htmlspecialchars(),… |
| CVE-2018-25370 | Admidio / Admidio | Medium | 0.27 | 5.3 | 0.00 | — | May 25, 2026 | Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious HTML forms targeting roles_function.php with parameters like rol_assign_roles,… |
| CVE-2026-41662 | Admidio / Admidio | Medium | 0.27 | 5.2 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership() does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership() contains this safety check, but the… |
| CVE-2026-41657 | Admidio / Admidio | Medium | 0.25 | 4.9 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the contacts_data.php endpoint uses a weaker permission check (isAdministratorUsers(), requiring only rol_edit_user=true) than the frontend UI (contacts.php) which correctly requires the stronger… |
| CVE-2017-8382 | Admidio / Admidio | Medium | 0.25 | 4.5 | 0.03 | — | May 16, 2017 | admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts. |
| CVE-2026-34382 | Admidio / Admidio | Medium | 0.23 | 4.6 | 0.00 | — | Mar 31, 2026 | Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylist_function.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious… |
| CVE-2026-41656 | Admidio / Admidio | Medium | 0.22 | 4.5 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the add mode in modules/documents-files.php accepts a name parameter validated only as 'string' type (HTML encoding), allowing path traversal characters (../) to pass through unfiltered. Combined with… |
| CVE-2026-34384 | Admidio / Admidio | Medium | 0.22 | 4.5 | 0.00 | — | Mar 31, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.8, the create_user, assign_member, and assign_user action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the delete_user mode in… |
| CVE-2026-34383 | Admidio / Admidio | Medium | 0.21 | 4.3 | 0.00 | — | Mar 31, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.8, the inventory module's item_save endpoint accepts a user-controllable POST parameter imported that, when set to true, completely bypasses both CSRF token validation and server-side form validation. An… |
| CVE-2026-41663 | Admidio / Admidio | Low | 0.16 | 3.5 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module (database backup, test email, htaccess generation) fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies… |
| CVE-2026-41659 | Admidio / Admidio | Low | 0.11 | 2.7 | 0.00 | — | May 7, 2026 | Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint (members_assignment_data.php) includes hidden profile fields (BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY) in its SQL search condition regardless of field… |
| CVE-2008-5209 | Admidio / Admidio | — | 0.03 | — | 0.03 | — | Nov 24, 2008 | Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. |
| CVE-2026-47233 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | Commit `d37ca6b27b9674238e58491cf7ba292e66898f15` ("Delete item not check admin rights #2024", 2026-04-12) added a missing `isAdministratorInventory()` gate to `case 'item_delete':` in `modules/inventory.php`. The same fix was not applied to the sibling `case… |
| CVE-2026-47234 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | When debug logging is enabled, `Session::setCookie()` logs full cookie values and `Session::start()` logs the current session ID. In a real Admidio deployment this includes both the active session cookie and the persistent auto-login cookie. Anyone with access to the… |
| CVE-2026-47232 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | The sensitive `mode=export` action in `modules/sso/keys.php` exports a PKCS#12 bundle containing the configured private key and certificate, but the CSRF validation line is commented out. A forged cross-site POST from an administrator session can therefore trigger… |
| CVE-2026-47230 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | `modules/documents-files.php` mode `file_rename_save` shares the same root-cause shape as the cross-folder move bug (`05-documents-cross-folder-move-idor.md`): the top-level rights check at lines 79-89 validates `hasUploadRight()` on the URL parameter `folder_uuid`,… |
| CVE-2026-47229 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | `modules/sso/clients.php` validates an `adm_csrf_token` on every state-changing branch except `enable`. The `enable` case loads the SAML or OIDC client by UUID, calls `$client->enable($enabled)`, and persists the new state with no token check. Because the action is… |
| CVE-2026-47228 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | `modules/registration.php` mode `send_login` regenerates a random password for `user_uuid_assigned`, stores its bcrypt hash in `adm_users.usr_password`, and emails the cleartext to that user. Every other state-changing mode in the same file (`assign_member`,… |
| CVE-2026-47227 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | `modules/categories.php` checks that the supplied `type` parameter (`ANN`, `EVT`, `ROL`, `USF`, …) corresponds to a module the actor administers. The follow-up "is this specific category editable by me" check at lines 56-61 is dead code because it compares… |
| CVE-2026-47226 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | May 29, 2026 | An authenticated Admidio member with upload rights on **any one folder** can permanently delete files from folders where they have only view access. The authorization check at the top of `modules/documents-files.php` evaluates upload rights against the… |
| CVE-2026-32813 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 20, 2026 | Admidio is an open-source user management solution. Versions 5.0.6 and below are vulnerable to arbitrary SQL Injection through the MyList configuration feature. The MyList configuration feature lets authenticated users define custom list column layouts, storing user-supplied… |
| CVE-2026-32817 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 20, 2026 | Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the documents and files module does not verify whether the current user has permission to delete folders or files. The folder_delete and file_delete action handlers in… |
| CVE-2026-32812 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 20, 2026 | Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, unrestricted URL fetch in the SSO Metadata API can result in SSRF and local file reads. The SSO Metadata fetch endpoint at modules/sso/fetch_metadata.php accepts an arbitrary URL via… |
| CVE-2026-32757 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 19, 2026 | Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $_POST['ecard_message'] value instead of the HTMLPurifier-sanitized $formValues['ecard_message'] when constructing the greeting card HTML. This allows an… |
| CVE-2026-32756 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Mar 19, 2026 | Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within… |
| CVE-2026-32818 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 19, 2026 | Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topic_delete and post_delete actions in forum.php only validate the… |
| CVE-2026-32816 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 19, 2026 | Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the delete, activate, and deactivate modes in modules/groups-roles/groups_roles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The… |
| CVE-2026-32755 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 19, 2026 | Admidio is an open-source user management solution. In versions 5.0.6 and below, the save_membership action in modules/profile/profile_function.php saves changes to a member's role membership start and end dates but does not validate the CSRF token. The handler checks… |
| CVE-2026-30927 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Mar 9, 2026 | Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/events_function.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the user_uuid GET parameter. The condition uses \|\|… |
| CVE-2025-62617 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Oct 22, 2025 | Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role (such as an… |
| CVE-2024-47836 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Oct 16, 2024 | Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue. |
| CVE-2024-38529 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Jul 29, 2024 | Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.10, there is a Remote Code Execution Vulnerability in the Message module of the Admidio Application, where it is possible to upload a PHP file in the… |
| CVE-2024-37906 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Jul 29, 2024 | Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.9, there is an SQL Injection in the `/adm_program/modules/ecards/ecard_send.php` source file of the Admidio Application. The SQL Injection results in a… |
| CVE-2023-47380 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Nov 22, 2023 | Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS). |
| CVE-2023-4190 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Aug 6, 2023 | Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11. |
| CVE-2023-3692 | Admidio / Admidio | — | 0.00 | — | 0.01 | — | Jul 16, 2023 | Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10. |
| CVE-2023-3303 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Jun 23, 2023 | Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. |
| CVE-2023-3302 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Jun 23, 2023 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9. |
| CVE-2023-3304 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Jun 23, 2023 | Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9. |
| CVE-2023-3109 | Admidio / Admidio | — | 0.00 | — | 0.00 | — | Jun 5, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admidio prior to 4.2.8. |
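
The CVE-2026-41670 row describes an IdP that takes the SAML response destination from the AssertionConsumerServiceURL attribute of the incoming AuthnRequest. The check an IdP needs is to accept that value only when it exactly matches an endpoint registered for the requesting SP's Issuer, and to fall back to the SP's registered default when the attribute is absent. The following is an added example, not code from Admidio or from this listing: the SP registry, the Issuer and ACS values, and both AuthnRequest documents are constructed for the example.

```python
import xml.etree.ElementTree as ET
from typing import Dict, Optional

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed SP registry (an assumption for this example): the endpoints an IdP
# learned from the SP's metadata at registration time. The response destination
# must come from here; the AuthnRequest may only select among these entries.
SP_REGISTRY: Dict[str, Dict[str, object]] = {
    "https://sp.example.org/saml/metadata": {
        "acs_urls": {
            "https://sp.example.org/saml/acs",
            "https://sp.example.org/saml/acs-alt",
        },
        "default_acs": "https://sp.example.org/saml/acs",
    },
}


class AuthnRequestError(ValueError):
    """Raised when an AuthnRequest must be rejected."""


def parse_authn_request(xml_text: str) -> Dict[str, Optional[str]]:
    """Extract the fields an IdP needs before it may build a response."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise AuthnRequestError("not a samlp:AuthnRequest")
    issuer_el = root.find(f"{{{SAML}}}Issuer")
    issuer = (issuer_el.text or "").strip() if issuer_el is not None else ""
    if not issuer:
        raise AuthnRequestError("AuthnRequest has no Issuer")
    return {
        "id": root.get("ID"),
        "issuer": issuer,
        "acs_url": root.get("AssertionConsumerServiceURL"),
    }


def choose_response_destination(req: Dict[str, Optional[str]], registry=SP_REGISTRY) -> str:
    """Return the ACS URL the SAML response may be posted to, or raise."""
    sp = registry.get(req["issuer"] or "")
    if sp is None:
        raise AuthnRequestError("unknown SP issuer")
    requested = req["acs_url"]
    if requested is None:
        return str(sp["default_acs"])
    # Exact string match only. Prefix or hostname comparisons are not enough: a
    # lookalike host or appended path segments survive a startswith() check.
    if requested not in sp["acs_urls"]:
        raise AuthnRequestError("AssertionConsumerServiceURL is not registered for this SP")
    return requested


def is_accepted(xml_text: str) -> bool:
    """True if the request yields a usable destination, False if it is rejected."""
    try:
        choose_response_destination(parse_authn_request(xml_text))
        return True
    except AuthnRequestError:
        return False


# Constructed AuthnRequests: one as the legitimate SP would send it, and the same
# document with the ACS URL rewritten to an attacker-controlled receiver.
GOOD_REQUEST = """<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_c0ffee" Version="2.0" IssueInstant="2026-05-07T12:00:00Z"
    AssertionConsumerServiceURL="https://sp.example.org/saml/acs">
  <saml:Issuer>https://sp.example.org/saml/metadata</saml:Issuer>
</samlp:AuthnRequest>"""

TAMPERED_REQUEST = GOOD_REQUEST.replace(
    'AssertionConsumerServiceURL="https://sp.example.org/saml/acs"',
    'AssertionConsumerServiceURL="https://attacker.example/collect"',
)

# A prefix-matching IdP would accept this one; exact matching rejects it.
PREFIX_REQUEST = GOOD_REQUEST.replace(
    'AssertionConsumerServiceURL="https://sp.example.org/saml/acs"',
    'AssertionConsumerServiceURL="https://sp.example.org/saml/acs.attacker.example/"',
)

if __name__ == "__main__":
    print(choose_response_destination(parse_authn_request(GOOD_REQUEST)))
    print(is_accepted(TAMPERED_REQUEST), is_accepted(PREFIX_REQUEST))
```

This only decides the destination; the request's signature still has to be verified first, and the result of that verification acted on (the neighbouring CVE-2026-41669 row describes an IdP that discarded it). On untrusted XML, production code should parse with an entity-expansion-safe parser such as defusedxml rather than bare xml.etree.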
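
The CVE-2026-41671 row describes an OIDC introspection endpoint that answers {"active": true} for every request. An RFC 7662 responder does the opposite by default: the caller must authenticate, and anything other than a known, unexpired, unrevoked token gets exactly {"active": false} with no further claims. The following is an added example, not code from Admidio or from this listing; the token store, the client names and the fixed clock are constructed for the example.

```python
import time
from typing import Dict, Optional, Tuple

FIXED_NOW = 1_778_000_000  # constructed "current time" so the example is deterministic

# Constructed token store (an assumption): what the authorization server persisted
# when it issued each opaque token. For JWTs the same checks apply after the
# signature has been verified.
TOKENS: Dict[str, dict] = {
    "tok-live": {"client_id": "web-app", "sub": "user-42", "scope": "openid profile",
                 "exp": FIXED_NOW + 600, "revoked": False},
    "tok-expired": {"client_id": "web-app", "sub": "user-42", "scope": "openid",
                    "exp": FIXED_NOW - 1, "revoked": False},
    "tok-revoked": {"client_id": "web-app", "sub": "user-7", "scope": "openid",
                    "exp": FIXED_NOW + 600, "revoked": True},
}

# Clients (resource servers) registered to call the introspection endpoint.
# RFC 7662 section 2.1 requires the caller to authenticate.
INTROSPECTION_CLIENTS = {"web-app", "api-gateway"}

INACTIVE = {"active": False}


def introspect(token: Optional[str], now: Optional[float] = None, store=TOKENS) -> dict:
    """Decide a token's state. Every failure path returns only {"active": false}
    so a probing caller cannot tell "unknown" from "expired" from "revoked"."""
    now = time.time() if now is None else now
    if not token:
        return dict(INACTIVE)
    rec = store.get(token)
    if rec is None or rec["revoked"] or rec["exp"] <= now:
        return dict(INACTIVE)
    return {
        "active": True,
        "client_id": rec["client_id"],
        "sub": rec["sub"],
        "scope": rec["scope"],
        "exp": int(rec["exp"]),
        "token_type": "Bearer",
    }


def handle_introspection(form: Dict[str, str], authenticated_client: Optional[str],
                         now: Optional[float] = None) -> Tuple[int, dict]:
    """HTTP-shaped wrapper: (status, JSON body). 401 for callers that did not
    authenticate as a registered client; 200 with the introspection result otherwise."""
    if authenticated_client not in INTROSPECTION_CLIENTS:
        return 401, {"error": "invalid_client"}
    return 200, introspect(form.get("token"), now=now)


if __name__ == "__main__":
    for tok in ("tok-live", "tok-expired", "tok-revoked", "does-not-exist"):
        print(tok, handle_introspection({"token": tok}, "api-gateway", now=FIXED_NOW))
    print("unauthenticated", handle_introspection({"token": "tok-live"}, None, now=FIXED_NOW))
```

A quick check against a live endpoint is to introspect a random string: a correct responder returns {"active": false} (or 401 if you did not authenticate), never {"active": true}.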
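
The CVE-2026-42194 row (and the earlier CVE-2026-32812 SSRF it patches) describes a fetch that vets the resolved IP address and then hands the original hostname URL to the HTTP client, which resolves the name a second time. An attacker-controlled DNS server can answer with a public address for the check and a loopback or link-local address for the connection. The following is an added example, not code from Admidio or from this listing, that shows the two shapes side by side: the checked-then-discarded flow and a flow that connects to the address it checked. The resolver, the URL and the addresses are constructed for the example.

```python
import ipaddress
import socket
from typing import Callable, Dict, List
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]


def is_public_ip(ip: str) -> bool:
    """Reject loopback, RFC 1918, link-local (incl. 169.254.169.254), multicast, reserved."""
    addr = ipaddress.ip_address(ip)
    return addr.is_global and not addr.is_multicast


def system_resolver(host: str) -> List[str]:
    """Real DNS lookup; the offline demo below injects a fake resolver instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def vulnerable_fetch_plan(url: str, resolve: Resolver) -> str:
    """Shape of the incomplete fix: vet what the name resolves to now, then return
    the hostname URL. Whatever client fetches it resolves the name again."""
    host = urlsplit(url).hostname
    if host is None or not all(is_public_ip(ip) for ip in resolve(host)):
        raise ValueError("target resolves to a non-public address")
    return url


def pinned_fetch_plan(url: str, resolve: Resolver) -> Dict[str, object]:
    """Resolve once, vet every returned address, and connect to the vetted address.
    The hostname is kept only for the Host header / SNI / certificate check."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or parts.hostname is None:
        raise ValueError("only absolute http(s) URLs are fetched")
    addrs = resolve(parts.hostname)
    if not addrs or not all(is_public_ip(ip) for ip in addrs):
        raise ValueError("target resolves to a non-public address")
    return {
        "connect_ip": addrs[0],
        "port": parts.port or (443 if parts.scheme == "https" else 80),
        "host_header": parts.hostname,
        "path": parts.path or "/",
        "follow_redirects": False,  # every redirect hop must go through this function again
    }


def is_fetch_allowed(url: str, resolve: Resolver) -> bool:
    try:
        pinned_fetch_plan(url, resolve)
        return True
    except ValueError:
        return False


class RebindingResolver:
    """Constructed attacker DNS: a public address on the first lookup, loopback after."""

    def __init__(self) -> None:
        self.calls = 0

    def __call__(self, host: str) -> List[str]:
        self.calls += 1
        return ["93.184.216.34"] if self.calls == 1 else ["127.0.0.1"]


def demo() -> Dict[str, str]:
    url = "https://metadata.example/saml/metadata.xml"
    dns = RebindingResolver()
    vulnerable_fetch_plan(url, dns)         # passes: lookup 1 returned a public address
    client_lookup = dns("metadata.example")  # the HTTP client's own lookup 2 gets loopback
    pinned = pinned_fetch_plan(url, RebindingResolver())
    return {
        "vulnerable_client_connects_to": client_lookup[0],
        "pinned_connects_to": str(pinned["connect_ip"]),
    }


if __name__ == "__main__":
    print(demo())
```

With PHP's curl extension the equivalent pin is CURLOPT_RESOLVE (entries of the form host:port:ip), which keeps TLS hostname verification intact while forcing the connection to the vetted address; CURLOPT_FOLLOWLOCATION must stay off so each redirect target is vetted the same way.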
Page 1 of 2