444 matches found
CVE-2026-4305 Royal WordPress Backup & Restore Plugin <= 1.0.16 - Reflected Cross-Site Scripting via 'wpr_pending_template' Parameter
The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wprpendingtemplate' parameter in all versions up to, and including, 1.0.16 due to insufficient input validation. This makes it possible for unauthenticated attackers to inject...
CVE-2026-4305
The Royal WordPress Backup & Restore Plugin for WordPress is affected (versions up to and including 1.0.16). The issue is a Reflected Cross-Site Scripting vulnerability via the wpr_pending_template parameter caused by insufficient input validation. Unauthenticated attackers could inject arbitrary...
CVE-2026-35573
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
CVE-2026-35573
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
CVE-2026-35573 ChurchCRM has a Path traversal leads to RCE
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
CVE-2026-35573
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
EUVD-2026-19771
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
CVE-2026-35573
ChurchCRM contains a path traversal vulnerability in its backup restore functionality (src/ChurchCRM/Backup/RestoreJob.php) that affects versions prior to 6.5.3. The vulnerability arises because the $rawUploadedFile['name'] parameter is user-controlled, allowing authenticated administrators to up...
CVE-2026-35573 ChurchCRM has a Path traversal leads to RCE
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
CVE-2026-35573 ChurchCRM has a Path traversal leads to RCE
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
PT-2026-30940
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
SUSE CVE-2026-33906
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...
GHSA-P5RH-VMHP-GVCW Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
The restoreTenant admin mutation is missing from the authorization middleware config admin.go:499-522, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication, restoreTenant executes with zero middleware. This mutation accepts...
GO-2026-4903 nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI...
PT-2026-29946
nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI...
CVE-2026-33026
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...
Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...
CVE-2026-33026
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...
CVE-2026-33026 nginx-ui Backup Restore Allows Tampering with Encrypted Backups
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...
CVE-2026-33026
The connected advisory GHSA-FHH2-GG7W-GWPQ describes a vulnerability in nginx-ui (application version v2.3.3 ) where the backup/restore mechanism is vulnerable to tampering. The backup format encrypts files and stores hashes encrypted with the same key given to the client, creating a circular tru...