7 matches found
EUVD-2017-3797
Malware in sbrugna...
GHSA-HC6V-386M-93PQ Mattermost fails to properly enforce access controls for guest users
Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint...
CVE-2003-0732
CiscoWorks Common Management Foundation CMF 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages...
CVE-2023-45384
KnowBand supercheckout 5.0.7 and 6.0.7 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the module "Module One Page Checkout, Social Login & Mailchimp" supercheckout, a guest can upload files with extensions .php...
CVE-2023-21185
In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...
Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service
Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service / Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect : Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect : See source attached. Proce...
CVE-2003-0731
CiscoWorks Common Management Foundation CMF 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter...