Zomato: Page has a link to google drive which has logos and a few customer phone recordings

Description: Go to ███████ Refer to the screenshot below ██████ As you can see in the above image, there is is link to access zomato logos.This redirected me to a google drive page which not only had logos but also customer care recordings where sensitive information like Customer mobile...

CVE-2020-8472

Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M versions 6.0 and earlier and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl version 6.1 and earlier allow low privileged users to read, modify, add and...

CVE-2020-8473

Insufficient folder permissions used by system functions in ABB System 800xA Base version 6.1 and earlier allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her...

CVE-2020-8472

Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M versions 6.0 and earlier and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl version 6.1 and earlier allow low privileged users to read, modify, add and...

Authorization

Insufficient folder permissions used by system functions in ABB System 800xA Base version 6.1 and earlier allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her...

CVE-2020-8473

CVE-2020-8473 affects ABB System 800xA Base (versions 6.1 and earlier). The vulnerability is due to insufficient folder permissions in system folders, enabling low-privileged users to read, modify, add or delete system and application files. An authenticated attacker could escalate privileges, ca...

CVE-2020-8473 ABB System 800xA Weak File Permissions - ABB System 800xA Base

Insufficient folder permissions used by system functions in ABB System 800xA Base version 6.1 and earlier allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her...

CVE-2020-12129

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

CVE-2020-12129

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

Cross site scripting

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

Citrix WEM 1903 - Roaming folder files are deleted by VUEMUIAgent.exe on logon

Users noticed that the icons in the task bar went white. This was due to a lot of folders and files were deleted in the User Profiles Example Appdata\Roaming\Adobe\Acrobat\2017\ Appdata\Roaming\Google\Chrome\ Appdata\Roaming\Macromedia\Flash Player\ Appdata\Roaming\Microsoft\Credentials...

Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names. ------------------------------------------------------------------------ Cisco AnyConnect elevation of privileges due to insecure handling...

Folder Lock 3.4.5 Cross Site Scripting

Document Title: =============== Folder Lock v3.4.5 iOS - Multiple Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2210 Release Date: ============= 2020-04-20 Vulnerability Laboratory ID VL-ID: ==================================== 221...

CVE-2020-9280

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is...

CVE-2020-9280

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is...

Default credentials

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is...

CVE-2020-9280

In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is...

CVE-2020-9280

In SilverStripe up to 4.x (notably 4.5), files uploaded via Forms to folders migrated from SilverStripe CMS 3.x may be placed in the default /Uploads folder. This affects installations with the optional silverstripe/secureassets module (enabled by default on the Common Web Platform). The vulnerab...

CVE-2020-1094

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'...

CVE-2020-1094

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'...