774 matches found
CVE-2026-4029
The Database Backup for WordPress plugin (WordPress) is affected by unauthorized database export in all versions up to 2.5.2 due to improper enforcement of the authorization check return value. This enables unauthenticated attackers to export database tables, causing Sensitive Information Exposur...
CVE-2026-4029 Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Database Export
The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for unauthenticated attackers to...
EUVD-2026-30274
The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wpdbtempdir parameter, which controls where database backups are written. This makes it possible for...
PT-2026-40910
The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check combined with a user-controlled backup...
WordPress plugin Database Backup for WordPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin Database Backup for WordPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress plugin Database Backup for WordPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-7698
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...
CVE-2026-7698 Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...
GHSA-RW74-VC9H-534J Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send
Summary Several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GET navigations, an attacker forces an authenticated admin to trigger...
Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send
Summary Several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GET navigations, an attacker forces an authenticated admin to trigger...
Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file...
SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...
Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies...
Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.1.13-0 Update translation strings uyuni-tools: Version 5.1.26-0 Fix applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies bsc1254619...
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
EUVD-2026-21282
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
PT-2026-31857
Name of the Vulnerable Software and Affected Versions code-projects Online Library Management System version 1.0 Description A vulnerability exists in code-projects Online Library Management System 1.0 that may lead to information disclosure. The issue is related to a manipulation of an unknown...