WordPress Plugin Dropbox Folder Share Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2023-35181

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation...

CVE-2023-35181

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation...

Privilege escalation

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation...

PT-2023-29313 · WordPress · Dropbox Folder Share

Name of the Vulnerable Software and Affected Versions: Dropbox Folder Share for WordPress versions up to, and including, 1.9.7 Description: The issue allows unauthenticated attackers to include and execute arbitrary files on the server via the editor-view.php file. This enables the execution of a...

SolarWinds Access Rights Manager Security Vulnerability

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. A security vulnerability exists in SolarWinds Access Rights Manager that stems from allowing a user to abuse incorrect folder permissions, which can lead to privilege escalation...

CVE-2023-43801

CVE-2023-43801 affects the Arduino Create Agent, specifically the endpoint /v2/pkgs/tools/installed. A user able to make HTTP requests to the localhost interface or bypass CORS can delete arbitrary files/folders owned by the Arduino Create Agent’s running user via a crafted HTTP DELETE request. R...

CVE-2023-27133

TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILESX86%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remot...

PT-2023-20971 · Tsplus · Tsplus Remote Work

Name of the Vulnerable Software and Affected Versions: TSplus Remote Work version 16.0.0.0 Description: The issue is related to weak permissions for certain file types, including .exe, .js, and .html files, located under the %PROGRAMFILESX86%TSplus-RemoteWorkClientswww folder. This weakness may...

CVE-2022-30527

A vulnerability has been identified in SINEC NMS All versions V2.0. The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

Atos Unify OpenScape Path Traversal Vulnerability

Atos Unify OpenScape is a native SIP-based real-time Voice over IP system from Atos Unify. A security vulnerability exists in Atos Unify OpenScape that originates from the execution of arbitrary code on the operating system via the Common Management Portal web interface A path traversal...

CVE-2023-43981

Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component deleteexcludedfolder.php...

CVE-2023-43981

Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component deleteexcludedfolder.php...

PT-2023-29056 · Unknown · Presto Changeo Testsitecreator

Name of the Vulnerable Software and Affected Versions: Presto Changeo testsitecreator versions up to 1.1.1 Description: A deserialization vulnerability was discovered in Presto Changeo testsitecreator via the component delete excluded folder.php. Recommendations: For Presto Changeo testsitecreato...

CVE-2023-44157

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 Windows before build 35979...

CVE-2023-44157

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 Windows before build 35979...

Privilege escalation

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 Windows before build 35979...

CVE-2023-44157

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 Windows before build 35979...

CVE-2023-44157

CVE-2023-44157 affects Acronis Cyber Protect 15 (Windows) prior to build 35979. The root cause is insecure folder permissions enabling local privilege escalation. The NVD/CVEs describe a Local Privilege Escalation with high impact on confidentiality, integrity, and availability, and there is no p...

CVE-2023-44157

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 Windows before build 35979...