CVE-2022-38378

An improper privilege management vulnerability CWE-269 in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section System subsection Administrator Users to modify their own profile a...

Hangzhou Kodo Cloud Network Co. Kodo Cloud V4.40 suffers from weak password vulnerability

KodExplorer, Kodo Cloud, is a private cloud online document management solution based on Web technology. Hangzhou Kodo Cloud Network Co., Ltd. Kodo Cloud V4.40 exists a weak password vulnerability, which can be exploited by an attacker to cause arbitrary directory browsing, arbitrary read and wri...