By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZEDMAIL
By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONEPO
By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ORIZON ha
By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI qualification submission) can be accessed by other users to misuse technical files and make them perform
By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of CRYHOD ha
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host computer unavailable or to execute programs with an elevatio
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder perm
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder.
Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This a
A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. This issue affects some unknown processing of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses
A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads t
An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validation and sanitization of user input for file paths, an attacke
A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted u
A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/Zf
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially e
A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadControll
Page 1+ Next →