6 matches found
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2002-2152
The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected...
CVE-2024-13623
The CVE-2024-13623 issue affects the WordPress plugin Order Export for WooCommerce. It allows unauthenticated attackers to exfiltrate sensitive data stored in the uploads directory, applicable to all versions up to 3.24. The vulnerability is conditional: it exists when Order data storage is set t...
Mozilla VPN local privilege escalation vis uncontrolled OpenSSL search path — Mozilla
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege...
PT-2022-1721 · Mozilla · Vpn
Name of the Vulnerable Software and Affected Versions: Mozilla VPN versions prior to 2.7.1 Description: The issue is related to Mozilla VPN's ability to load an OpenSSL configuration file from an unsecured directory. This could allow a user or attacker with limited privileges to launch arbitrary...
IBM Spectrum Protect Client Elevation of Privilege Vulnerability
IBM Spectrum Protect formerly known as Tivoli Storage Manager is a suite of data protection platforms from IBM in the United States. The platform provides organizations with a single point of control and management, and supports backup and recovery for virtual, physical, and cloud environments of...