CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

PT-2023-21973 · Zscaler · Zscaler Client Connector For Windows

Name of the Vulnerable Software and Affected Versions: Zscaler Client Connector for Windows versions prior to 4.1 Description: The issue allows a malicious user to execute code as a privileged user by replacing a folder where the Zscaler Client Connector for Windows writes or deletes a...

Design/Logic Flaw

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

PT-2022-16662 · Unknown · Smartertrack

Name of the Vulnerable Software and Affected Versions: SmarterTrack version 100.0.8019.14010 Description: The application can be tricked into overwriting files in the app data/Config folder, such as the systemsettings.xml file, with administrator or admin privileges. Recommendations: For...