WordPress Backup Migration <= 1.3.6 - Path Traversal

WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration = 1.3.6 - Pat...

MINI-8F4Q-7932-6266

Bulletin has no description...

Oracle Linux 9 : libxslt (ELSA-2026-6266)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6266 advisory. - Fix upgrade path for CVE-2023-40403 RHEL-82213 - Fix CVE-2023-40403 RHEL-82213 - Fix CVE-2024-55549 RHEL-83514 Tenable has extracted the preceding description...

RHEL 9 : libxslt (RHSA-2026:6266)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6266 advisory. libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlyin...

ECHO-2C1D-6266-FCE5

Bulletin has no description...

EUVD-2018-6228

Malware in sbrugna...

CVE-2025-6266

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

CVE-2025-6266 Teledyne FLIR AX8 upload.php unrestricted upload

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

CVE-2025-6266 Teledyne FLIR AX8 upload.php unrestricted upload

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

CVE-2025-6266

The CVE concerns Teledyne FLIR AX8 firmware versions up to 1.46. Affected is the behavior of the /upload.php endpoint, where manipulating the File parameter enables unrestricted file upload. The vulnerability is exploitable remotely and the exploit is public. Remediation is upgrading to version 1...

CVE-2023-6266

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...

CVE-2020-6266

SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection...

RHEL 6 : convert2rhel (RHSA-2022:6266)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6266 advisory. The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL...

CVE-2023-6266

creationtimestamp| type| source ---|---|--- 2024-01-11 10:26:29+00:00| seen| https://t.me/ctinow/166422 2025-12-19 21:03:10+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3maelni5lsm23...

CVE-2023-6266

WordPress Backup Migration plugin

WordPress Backup Migration Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-6266 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 7df0ea44f3d7 Credits Rafshanzani Suhada...

Oracle Linux 9 : squid (ELSA-2023-6266)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6266 advisory. - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Tenable has...

RHEL 9 : squid (RHSA-2023:6266)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6266 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:...

Ubuntu: Security Advisory (USN-6266-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : librsvg vulnerability (USN-6266-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6266-1 advisory. Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by...