Description
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
Remediation
References
Related Vulnerabilities
WordPress Plugin ApplyOnline-Application Form Builder and Manager Cross-Site Scripting (1.9.94)
WordPress Plugin Video Embed SQL Injection (1.0)
SharePoint CVE-2024-38228 Vulnerability (CVE-2024-38228)
PHP Other Vulnerability (CVE-2003-0860)
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)