Codesector

codesector

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-29586 1Codesector 1Teracopy Feb 5, 2025 Apr 19, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory...Show more Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control. NOTE: the Supplier disputes this because only admin users can copy arbitrary folders, and because the 143984 reference is about a different concern (unrelated to directory copying) that was fixed in 3.5b.Show less
CVE-2022-27438 293cx BoomCaphyon+26 more 70Advanced Installer Angry Birds SpaceArchive Password Recovery+67 more Nov 21, 2024 Jun 6, 2022 N/A· v4 8.1 HIGH· v3 5.1 MEDIUM· v2 Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in...Show more Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-29586

1Codesector

1Teracopy

Feb 5, 2025

Apr 19, 2023

N/A· v4

5.5 MEDIUM· v3

N/A· v2

Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control. NOTE: the Supplier disputes this because only admin users can copy arbitrary folders, and because the 143984 reference is about a different concern (unrelated to directory copying) that was fixed in 3.5b.Show less

CVE-2022-27438

293cx

BoomCaphyon+26 more

70Advanced Installer

Angry Birds SpaceArchive Password Recovery+67 more

Nov 21, 2024

Jun 6, 2022

N/A· v4

8.1 HIGH· v3

5.1 MEDIUM· v2

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.Show less