Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-13 | CVE-2022-30367 | Incorrect Default Permissions vulnerability in AIR Cargo Management System Project AIR Cargo Management System 1.0 Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. | 5.5 |
2022-05-13 | CVE-2022-30375 | Incorrect Default Permissions vulnerability in Simple Social Networking Site Project Simple Social Networking Site 1.0 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. | 5.5 |
2022-05-06 | CVE-2022-23802 | Incorrect Default Permissions vulnerability in Ijoomla Guru 5.2.5 Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. | 7.5 |
2022-04-28 | CVE-2022-29585 | Incorrect Default Permissions vulnerability in Mahara In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. | 5.0 |
2022-04-26 | CVE-2022-28218 | Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. | 5.5 |
2022-04-22 | CVE-2021-3722 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation. | 4.7 |
2022-04-21 | CVE-2022-20732 | Incorrect Default Permissions vulnerability in Cisco Virtualized Infrastructure Manager 3.6.0/4.0.0 A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. | 7.8 |
2022-04-21 | CVE-2022-29547 | Incorrect Default Permissions vulnerability in Mediawiki Createredirect The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. | 5.0 |
2022-04-20 | CVE-2021-43986 | Incorrect Default Permissions vulnerability in Fanuc Roboguide 9.40083.00.05 The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. | 7.0 |
2022-04-19 | CVE-2022-26595 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI. | 4.0 |