CVE-2023-28870

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...

PT-2022-26066 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue allows unauthenticated users to trigger the WriteConfiguration method. This could enable an attacker to modify user configuration files, such as...

Delta Electronics InfraSuite Device Master 访问控制错误漏洞

Delta Electronics InfraSuite Device Master is a device used to simplify and automate the monitoring of critical devices from Delta Electronics Taiwan, China. An access control error vulnerability exists in versions prior to Delta Electronics InfraSuite Device Master 00.00.01a that stems from...

CVE-2019-19885

In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. A user with knowledge about the routes can read and write configuration data without prior authorization. This affects COM465IP, COM465DP, COM465ID, CP700, CP907, and CP915 devices before 4.2.0...

Code Execution Vulnerability in phpyun v4.3.1 Beta

PHP Cloud Talent System phpyun is an open source talent and enterprise job search and recruitment solution built using PHP and MySQL databases. A code execution vulnerability exists in phpyun v4.3.1 Beta. An attacker can exploit the vulnerability to construct specific code, write to a configurati...

check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4

CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write checkmk config files .mk files to arbitrary locations via vectors related to row selections...