3 matches found
SUSE CVE-2025-9081
Mattermost versions 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...
CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...
D-Link DSL-2888A Default Configuration Issue Vulnerability
The D-link DSL-2888A is a Unified Services Router from D-link China. A default configuration issue vulnerability exists in the D-Link DSL-2888A devices, which can be exploited by an attacker to access system folders and download sensitive files e.g., password hash files...