CVE-2022-23802

HIGH Year: 2022
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-276
View all →

Vulnerability Description

Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private information and components, possibility to view other users' information.

Related Vulnerabilities

CVE-2010-5108

HIGH
CVSS:7.5(High)

Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permission...

CWE-2762010

CVE-2012-5577

HIGH
CVSS:7.5(High)

Python keyring lib before 0.10 created keyring files with world-readable permissions.

CWE-2762012

CVE-2017-18668

HIGH
CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with M(6.0) software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 (June...

CWE-2762017

CVE-2017-18669

HIGH
CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June ...

CWE-2762017

CVE-2017-4975

HIGH
CVSS:7.5(High)

An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the op...

CWE-2762017

CVE-2018-8848

HIGH
CVSS:7.5(High)

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor.

CWE-2762018