2 matches found
CVE-2020-23039
CVE-2020-23039 concerns Folder Lock v3.4.5, where a stored XSS vulnerability exists in the Create Folder function (Create module). The underlying issue is lack of data validation/filtering for user-supplied data in folder names/paths, allowing an attacker to inject arbitrary web scripts or HTML t...
CVE-2008-3775
Folder Lock 5.9.5 and earlier is affected. The issue is the use of weak password encryption (ROT-25), which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl_pack registry value. No patch/versioned fix is specified in the provided documents. ...