4 matches found
CVE-2026-24420
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow an authenticated user without the dlattachment permission to download FAQ attachments due to a incomprehensive permissions check. The presence of a right key is improperly validated as proof of authorization in...
EUVD-2019-18759
Malware in sbrugna...
Authentication Bypass
zoneminder is vulnerable to Authentication Bypass. The vulnerability exists due to the improper permissions check on the snapshot action, which trigger ends up calling shellexec using the supplied Id, allowing an attacker to bypass the authorization mechanism by injecting and executing malicious...
Privilege escalation
In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:...