CVE-2024-5599

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizerajaxhandler' function. This makes it possible for unauthenticated attackers to extract sensitive data...

CVE-2024-49389

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files Windows before build 9.0.0x24...

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through = 2.2.2...

CVE-2024-6037

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory C: dir. This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service DoS, server...

CVE-2024-39165

QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...

CVE-2025-20897

CVE-2025-20897 concerns Samsung Secure Folder across Android 12–14. The issue is described as improper access control within Secure Folder, enabling a local attacker to access data. Affected versions include: Android 14 — Secure Folder prior to 1.9.20.50; Android 13 — prior to 1.8.11.0; Android 1...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from an improper access control issue contained in the Secure Folder...

PT-2025-4179 · Samsung +1 · Secure Folder +3

Name of the Vulnerable Software and Affected Versions: Secure Folder versions prior to 1.9.20.50 in Android 14 Secure Folder versions prior to 1.8.11.0 in Android 13 Secure Folder versions prior to 1.7.04.0 in Android 12 Description: The issue is related to improper access control in Secure Folde...

CVE-2024-35177 Improper Access Control in wazuh-agent

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...

CVE-2024-57452

ChestnutCMS =1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers to delete any file and folder...

CVE-2024-57968

CVE-2024-57968 affects Advantive VeraCore (pre-2024.4.2.1). It is an unrestricted file upload vulnerability that allows a remote authenticated user to upload files to unintended folders (upload.aspx). VeraCore was patched in version 2024.4.2.1. In practice, multiple sources flag active exploitati...

CVE-2023-29080

CVE-2023-29080 concerns Revenera InstallShield (versions 2021 R2 and 2022 R2). A DLL hijacking vulnerability arises from an InstallScript custom action that extracts binaries to a predefined writable folder during installation. With standard user write access to these files/folders, an attacker c...

Revenera InstallShield 安全漏洞

Revenera InstallShield Flexera InstallShield is a development package from Revenera Inc. for building Windows installers and MSIX packages. A security vulnerability exists in Revenera InstallShield version 2022 R2 and version 2021 R2, which stems from a DLL hijacking triggered by improperly...

PT-2025-1387 · Revenera · Revenera Installshield

Name of the Vulnerable Software and Affected Versions: Revenera InstallShield versions 2021 R2 through 2022 R2 Description: The issue concerns a potential privilege escalation vulnerability due to the addition of an InstallScript custom action to a Basic MSI or InstallScript MSI project. This...

CVE-2025-24826

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4625...

CVE-2025-24826

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4625...

CVE-2025-24826

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4625...