4 matches found
EUVD-2026-36644
The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary .php files from the server, including configuration files that contain database credentials and authentication keys...
CVE-2022-20732
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
PT-2022-15484 · 3S Smart Software Solutions · Codesys Control Runtime System
Name of the Vulnerable Software and Affected Versions: CODESYS Control runtime system affected versions not specified Description: A remote attacker could utilize the control program of the CODESYS Control runtime system to read and modify the configuration files of the affected products. The...
Intelbras WRN 150 Security Bypass Vulnerability
Intelbras WRN 150 devices is a wireless router from Intelbras Brazil. A security vulnerability exists in the Intelbras WRN 150 devices. A remote attacker can exploit the vulnerability to read configuration files with the help of a direct request, thereby bypassing authentication...