Description
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
Remediation
References
Related Vulnerabilities
PleskLin Other Vulnerability (CVE-2013-0133)
WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)
Drupal Core 6.x Local File Inclusion (6.0 - 6.9)
WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.14)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)