189 matches found
EUVD-2014-3457
Malware in sbrugna...
EUVD-2024-45882
Malicious code in bioql PyPI...
EUVD-2024-39887
Malicious code in bioql PyPI...
EUVD-2024-32877
Malicious code in bioql PyPI...
EUVD-2024-38805
Malicious code in bioql PyPI...
EUVD-2024-19976
Malicious code in bioql PyPI...
EUVD-2024-17995
Malicious code in bioql PyPI...
EUVD-2024-37721
Malicious code in bioql PyPI...
EUVD-2024-42896
Malicious code in bioql PyPI...
CVE-2024-13807
The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.1.0.5 via the backup functionality due to weak filename structure and lack of protection in the directory. This makes it possible for unauthenticated attackers to extract...
CVE-2012-10059
Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...
WordPress plugin DB Backup 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2012-10059
Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...
CVE-2025-53394
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and...
CVE-2024-12850
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the databasebackupajaxdownload function. This makes it possible for authenticated attackers, with administrator-level access...
CVE-2021-35971
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting...
CVE-2020-12785
cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature SEC-540...
CVE-2020-21997
Smartwares HOME easy =1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control...
CVE-2019-11200
Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. Malicious binaries can be...
CVE-2012-6099
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration...