RSUPPORT RemoteView Agent 安全漏洞

RSUPPORT RemoteView Agent is a remote control agent program from RSUPPORT Japan. A security vulnerability exists in RSUPPORT RemoteView Agent versions prior to v8.1.5.2, which stems from incorrect access permissions to a specific folder, and could cause a non-administrative user to execute...

CVE-2025-1892

A vulnerability was found in shishuocms 1.1. It has been classified as problematic. Affected is an unknown function of the file /manage/folder/add.json of the component Directory Deletion Page. The manipulation of the argument folderName leads to cross site scripting. It is possible to launch the...

The vulnerability of function 0x22200c() in the system file pffilter.sys of the file and folder protection software IOBit Protected Folder, which allows a malicious actor to cause service failure.

The vulnerability of function 0x22200c in the system file pffilter.sys of the file and folder protection software IOBit Protected Folder is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

FileRise

FileRise !GitHub starshttps://img.shields.io/github/stars...

CVE-2024-13600

The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the 'majesticsupportdata' directory. This makes it possible for unauthenticated attackers to extract...

WordPress WP Table Manager plugin <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure vulnerability

Missing Authorization to Authenticated Subscriber+ Directory Traversal to Folder/File Name Disclosure vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Table Manager versions = 4.1.3...

Azure Linux 3.0 Security Update: nodejs / nodejs18 / reaper (CVE-2024-28863)

The version of nodejs / nodejs18 / reaper installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28863 advisory. - node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the numbe...

dhtmlxFileExplorer 8.4.6 Directory Traversal Vulnerability

Exploit Title: dhtmlxFileExplorer 8.4.6 - Access Sensitive Floder via Directory Traversal in DHX File Exlploer Exploit Author: Nutchaya Augkanavitayakul, Nattachai Wanmak, Pongtorn Angsuchotmetee Vendor Homepage: https://dhtmlx.com Software Link: https://dhtmlx.com Version: 8.4.6 Tested on: macOS...

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...

SUSE CVE-2024-35177

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...

CVE-2021-26613

improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...

CVE-2021-26620

An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to steal important information in the server by exploiting vulnerabilities such as insufficient authentication when accessing the shared folder and changing user’s...

dhtmlxFileExplorer 8.4.6 Directory Traversal

dhtmlxFileExplorer version 8.4.6 is susceptible to a path traversal attack, enabling unauthorized access to system files. Exploit Title: dhtmlxFileExplorer 8.4.6 - Access Sensitive Floder via Directory Traversal in DHX File Exlploer Date: Feb 6, 2025 Exploit Author: Nutchaya Augkanavitayakul,...

CVE-2022-45452

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent Windows before build 30430, Acronis Cyber Protect 15 Windows before build 30984...

CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

CVE-2022-44733

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

CVE-2022-44732

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 39900...

CVE-2020-10632

Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner...

CVE-2024-25909

Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2...

CVE-2024-7587

Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and...