CVE-2023-7241 Webroot Antivirus COM-Hijacking LPE

Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files...

CVE-2023-7241

CVE-2023-7241 affects Webroot Antivirus WRSA.EXE, with privilege escalation on Windows (64-bit and 32-bit) versions 8.0.1X through 9.0.35.12. The issue allows a malicious program to abuse WRSA.EXE to delete arbitrary and protected files, constituting local privilege escalation with high impact to...

CVE-2023-7241 Webroot Antivirus COM-Hijacking LPE

Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files...

Webroot Antivirus 安全漏洞

Webroot Antivirus is an antivirus software from Webroot USA. A security vulnerability exists in Webroot Antivirus versions 8.0.1X through 9.0.35.12 that originates from a vulnerability that allows malware to abuse WRSA.EXE to delete arbitrary files...

PT-2024-15246 · Webroot · Webroot Antivirus

Name of the Vulnerable Software and Affected Versions: Webroot Antivirus versions 8.0.1 through 9.0.35.12 Description: The issue allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files due to a privilege escalation vulnerability. This vulnerability affects Webroot...

BIT-SUITECRM-2020-8803

SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via addtoprospectlist...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

Information disclosure

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

Gambio Log Information Disclosure Vulnerability

Gambio is an all-in-one e-commerce solution from Gambio, Inc. A log information disclosure vulnerability exists in Gambio 4.9.2.0 and earlier versions, which originates from a vulnerability that allows attackers to obtain sensitive information via error-handler.log.json and...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

GHSA-C8HJ-W239-5GVF pimcore/admin-ui-classic-bundle Full Path Disclosure via re-export document

Impact Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page source, require the attacker to have the full path to the file...

pimcore/admin-ui-classic-bundle Full Path Disclosure via re-export document

Impact Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page source, require the attacker to have the full path to the file...

Pimcore Security Vulnerability

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce frameworks and product information management applications. A security vulnerability exists in Pimcore Adm...

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

Directory traversal

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...