9 matches found
CVE-2022-27967
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles...
CVE-2025-58373 Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure
Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files th...
CVE-2022-27967
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles...
CVE-2022-27967
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
Web Port 授权问题漏洞
Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...
PT-2022-18727 · Cynet · Cynet 360 Web Portal
Name of the Vulnerable Software and Affected Versions: Cynet 360 Web Portal versions prior to 4.5 Description: The issue allows attackers to access a list of excluded files and profiles via a crafted GET request sent to "/WebApp/SettingsExclusion/GetExclusionsProfiles". Recommendations: For...
McAfee Total Protection Information Disclosure Vulnerability
McAfee Total Protection MTP is a suite of antivirus software from the American company McAfee. An information disclosure vulnerability exists in McAfee MTP 16.0.R21 and prior versions, which can be exploited by an attacker to read the plaintext list of AV-Scan excluded files from the Windows...