DashBoard suffers from an elevation of privileges vulnerability that allows a simple authenticated user to replace the executable file with a binary of choice. The vulnerability exists due to improper permissions, with the 'M' flag (Modify) or 'C' flag (Change) for the 'Authenticated Users' group.
Monstra CMS 3.0.4 allows remote attackers to delete a folder via an admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ request.
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file. The product sets weak access control restrictions, as permissions are set to Full Control for the Everyone group. This can allow low-integrity malware to replace ScanGuard executables.
An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server. This can allow the attacker to upload malicious files to the server, which can be used to gain access to the server.
SimpleBBS reportedly creates sensitive files with world-readable permissions. As a result anyone who has access to SimpleBBS web resources may access confidential information stored in the SimpleBBS user database.
Any installed application on a victim's phone can add arbitrary tasks to the user's task list through insecure IPC handling. A malicious application has several ways to achieve that: 1. By sending multiple intents to the ShareLink activity (com/todoroo/astrid/activity/ShareLinkActivity.java). The Tasks application adds the first requested 'task' to the user's task list. 2. By sending an intent to the VoiceCommand activity (org/tasks/voice/VoiceCommandActivity.java). The application does not validate the intent's origin, so any application can append tasks to the user's task list. We used the Drozer application to emulate malicious app activity.
The application is prone to insecure permissions on its folders that allow an unprivileged user complete control. An attacker can exploit the vulnerability by arbitrarily replacing file(s) invoked by the impacted service(s)/startup regkey. The file(s) will be executed with SYSTEM privileges.
Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers or malware running at low integrity can replace a .exe or .dll file to achieve privilege escalation.