2 matches found
EUVD-2026-44637
PraisonAI before 1.6.78 caches tool approval decisions by tool name only, allowing attackers to reuse initial approvals for subsequent calls with arbitrary arguments. Attackers can exploit this by obtaining approval for a benign operation and then executing dangerous file write operations with...
Foxit PDF Reader 4.2 Javascript File Write
This module exploits an unsafe Javascript API implemented in Foxit PDF Reader version 4.2. The createDataObject Javascript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218. Note: This exploit uses the All Users directory currently, whi...