600 matches found
EUVD-2024-27516
Malicious code in bioql PyPI...
EUVD-2023-54441
Malicious code in bioql PyPI...
EUVD-2021-32512
Malicious code in bioql PyPI...
CVE-2025-10744
The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view information like full paths and...
CVE-2025-10744 File Manager, Code editor, backup by Managefy <= 1.6.1 - Unauthenticated Information Exposure
The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view information like full paths and...
Arbitrary Code Injection
Craft CMS is vulnerable to Arbitrary Code Injection. The vulnerability is due to inadequate protection of restore functionality because, with a compromised security key and the ability to place an arbitrary file in storage/backups, an attacker can craft a request to /updater/restore-db that...
ebram_web_scanner
EBRAM Web Scanner EBRAM Web Scanner is a powerful Python-ba...
Linux Distros Unpatched Vulnerability : CVE-2017-11183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. CVE-2017-11183 Note tha...
FoxCMS Security Vulnerability
FoxCMS is a free, commercial open source content management system from the Chinese company Qianxu FoxCMS. A security vulnerability exists in FoxCMS v1.2.6 and earlier versions, which originates from improper handling of the parameter id in the file /DataBackup.php, leading to SQL injection...
CVE-2025-20344
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid...
Cisco Nexus Dashboard Path Traversal Vulnerability
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid...
Cisco Nexus Dashboard Path Traversal Vulnerability
Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A path traversal vulnerability exists in Cisco Nexus Dashboard, which stems from insufficient validation of backup file content and could lead to a path traversal attac...
CVE-2025-9395
A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be use...
CVE-2025-9395 wangsongyan wblog backup.go RestorePost server-side request forgery
A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be use...
CVE-2025-9395
CVE-2025-9395 affects wangsongyan wblog 0.0.1. The vulnerability is in RestorePost of backup.go, where manipulation of the fileName parameter enables server-side request forgery (SSRF). It is remotely exploitable and an exploit is publicly available. Connected documents corroborate the issue and ...
PT-2025-34573 · Unknown · Wangsongyan Wblog
Name of the Vulnerable Software and Affected Versions: wangsongyan wblog version 0.0.1. Description: A vulnerability exists in the RestorePost function of the backup.go file, allowing for server-side request forgery (SSRF) through manipulation of the fileName argument. This issue is remotely...
CVE-2025-51818
MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an attacker to execute arbitrary commands...
CVE-2025-48862
The CVE affects ctrlX OS (Bosch) where ambiguous wording in the web interface of the setup/backup mechanism could mislead users into thinking the backup is encrypted when a password is set. In reality, only the private key in the backup (if present) is encrypted; the backup file itself remains un...
CVE-2025-48862
Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...
BOSCH ctrlX OS Security Vulnerability
BOSCH ctrlX OS is a Linux-based real-time operating system from the German company BOSCH. A security vulnerability exists in BOSCH ctrlX OS that stems from an unclear description of backup file encryption, which could lead to a user misinterpreting the backup file encryption status...