3 matches found
VulnCheck KEV: CVE-2024-50334
Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...
PT-2022-12182 · Wondershare · Dr. Fone
Name of the Vulnerable Software and Affected Versions: Wondershare LTD Dr. Fone as of 2021-12-06 version Description: The issue is related to remote code execution due to software design flaws. An unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service, which run...
PT-2018-10598 · Windscribe +1 · Windscribe +1
Name of the Vulnerable Software and Affected Versions: Windscribe version 1.81 Description: The issue concerns the VPN component in Windscribe, which uses the OpenVPN client and creates a system process named WindScribeService.exe. This process establishes a named pipe endpoint,...