Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-425
Total 97 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14347 1 Schben 1 Adive 2023-03-03 6.5 MEDIUM 8.8 HIGH
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
CVE-2018-0140 1 Cisco 19 Content Security Management Appliance, Content Security Management Appliance Sma M190, Content Security Management Appliance Sma M390 and 16 more 2023-02-21 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.
CVE-2020-35570 2 Helmholz, Mbconnectline 4 Myrex24, Myrex24.virtual, Mbconnect24 and 1 more 2023-02-15 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An unauthenticated attacker is able to access files (that should have been restricted) via forceful browsing.
CVE-2022-28799 1 Tiktok 1 Tiktok 2022-12-09 6.8 MEDIUM 8.8 HIGH
The TikTok application before 23.7.3 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click.
CVE-2021-24695 1 Tipsandtricks-hq 1 Simple Download Monitor 2022-11-09 5.0 MEDIUM 7.5 HIGH
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames
CVE-2022-41746 2 Microsoft, Trendmicro 2 Windows, Apex One 2022-10-11 N/A 9.1 CRITICAL
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in order to exploit this vulnerability.
CVE-2022-2551 1 Snapcreek 1 Duplicator 2022-08-23 N/A 7.5 HIGH
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating.
CVE-2022-2544 1 Wpmanageninja 1 Ninja Job Board 2022-08-23 N/A 7.5 HIGH
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.
CVE-2021-24215 1 Wpruby 1 Controlled Admin Access 2022-07-30 10.0 HIGH 9.8 CRITICAL
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.
CVE-2021-24238 1 Purethemes 2 Findeo, Realteo 2022-07-29 4.0 MEDIUM 6.5 MEDIUM
The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, did not ensure that the requested property to be deleted belong to the user making the request, allowing any authenticated users to delete arbitrary properties by tampering with the property_id parameter.
CVE-2022-2192 1 Hypr 1 Hypr Server 2022-07-27 N/A 8.8 HIGH
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions.
CVE-2021-20114 1 Tecnick 1 Tcexam 2022-07-12 5.0 MEDIUM 7.5 HIGH
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
CVE-2020-24203 1 Projectworlds 1 Travel Management System 2022-07-12 7.5 HIGH 9.8 CRITICAL
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.
CVE-2021-28150 1 Hongdian 2 H8922, H8922 Firmware 2022-07-12 2.1 LOW 5.5 MEDIUM
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.
CVE-2021-40875 1 Gurock 1 Testrail 2022-07-12 5.0 MEDIUM 7.5 HIGH
Improper Access Control in Gurock TestRail versions < resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data.
CVE-2021-42671 1 Engineers Online Portal Project 1 Engineers Online Portal 2022-07-12 5.0 MEDIUM 7.5 HIGH
An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of authentication or authorization.
CVE-2021-36745 1 Trendmicro 1 Serverprotect 2022-07-12 10.0 HIGH 9.8 CRITICAL
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.
CVE-2021-36560 1 Phone Shop Sales Management System Project 1 Phone Shop Sales Management System 2022-07-12 7.5 HIGH 9.8 CRITICAL
Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin.
CVE-2021-22180 1 Gitlab 1 Gitlab 2022-07-12 4.0 MEDIUM 4.3 MEDIUM
An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access control allows unauthorized users to access details on analytic pages.
CVE-2022-29238 1 Jupyter 1 Notebook 2022-06-24 4.0 MEDIUM 4.3 MEDIUM
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were 'hidden' but not 'inaccessible'). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server's root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds.