PT-2026-7888

Name of the Vulnerable Software and Affected Versions newbee-mall affected versions not specified Description The software stores and verifies user passwords using an unsalted MD5 hashing algorithm. This implementation lacks per-user salts and computational cost controls. Attackers obtaining...

CVE-2023-6113

The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated attackers to download said backups later...

Wordpress Plugin Cart66 Lite DatabaseSQL Backup Leakage Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. An attacker backup disclosure vulnerability exists in the Wordpress plugin Cart66 Lite...

WordPress Plugin Real-Estate-Listing-Realtyna-Wpl Database Backup Leakage Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Real-Estate-Listing-Realtyna-Wpl. An attacker can exploit the...

PHPFusion数据库备份泄露漏洞 Exploit

No description provided by source. Ahmad Muammar （[email protected]）提供了如下测试方法： http://localhost/fusion/fusionadmin/updateuser.php Warning: mainfusionlangdiradmin/adminmembers.php: failed to open stream: No such file or directory in /var/www/html/fusion/fusionadmin/updateuser.php on line 14 Fatal...