CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-69604

CVE-2025-69604 affects Shirt Pocket’s SuperDuper! 3.11 and earlier. A local attacker can modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thereby bypassing macOS privacy controls. Affected component: the SuperDu...

CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

EUVD-2025-206519

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

Shirt Pocket SuperDuper! security vulnerability

Shirt Pocket SuperDuper! is a data backup, disk cloning, and recovery tool for macOS systems developed by Shirt Pocket. Versions of Shirt Pocket SuperDuper! 3.11 and earlier contain security vulnerabilities. These vulnerabilities stem from the default task templates being susceptible to...

Exploit for Improper Access Control in Shirt-Pocket Superduper\!

CVE-2025-61229 Description From the developer's blog:...

EUVD-2025-200025

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-61229

Connected documents confirm a concrete vulnerability in Shirt Pocket’s SuperDuper!

CVE-2025-61229

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2020-20474

White Shark System WSS 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the defaulttaskedituser.php files failing to filter the csatouser parameter. Remote attackers can exploit the vulnerability to obtain database sensitive information...

CVE-2020-20467

White Shark System WSS 1.3.2 is vulnerable to sensitive information disclosure via defaulttaskadd.php, remote attackers can exploit the vulnerability to create a task...

White Shark System SQL注入漏洞

White Shark System WSS is a browser-based collaboration platform that integrates Project Management, Task Management, Work Management and Work Log Management. Project Management", "Task Management", "Work Management" and "Work Log Management". A SQL injection vulnerability exists in White Shark...