Vulnerabilities > B1Ackc4T

DATE CVE VULNERABILITY TITLE RISK
2024-07-05 CVE-2024-37768 Unspecified vulnerability in B1Ackc4T 14Finger 1.1
14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id.
network
low complexity
b1ackc4t
critical
 9.1
9.1
2024-07-05 CVE-2024-37769 Unspecified vulnerability in B1Ackc4T 14Finger 1.1
Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request.
network
low complexity
b1ackc4t
8.8
8.8