Priority – CWE-552: Files or Directories Accessible to External Parties
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an atta
Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If exploited, uploaded files and SS1 configuration files may be a
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.
This issue affects Panel: before v2.3.24.
A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the file p
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the
E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system.
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls.
Th
Priority
PRI WEB Portal Add-On for Priority ERP on prem
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-250: Execution with Unnecessary Privileges
CWE-250: Execution with Unnecessary Privileges
CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.
Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL <4.4-005P may allow an authenticated network-based attacker to access data from the file system.
A missing protection against path traversal allows to access
any file on the server.
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Page 1+ Next →