CVE-2020-26954

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...

CVE-2018-16270

Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path...

Unspecified Vulnerability in SALTO ProAccess SPACE

Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A security vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. An attacker can exploit the vulnerability to perform a write operation to an arbitrary path on the file system...

CVE-2019-5221

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected...

S40 0.4.2 CMS Directory Traversal Vulnerability

This module exploits a directory traversal vulnerability found in S40 CMS. The flaw is due to the 'page' function not properly handling the $pid parameter, which allows a malicious user to load an arbitrary file path. This module requires Metasploit: https://metasploit.com/download Current source...