774 matches found
CVE-2019-19341
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRETKEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every...
Database Backup File Download Vulnerability in OTCMS
OTCMS Nettie CMS is an article-based web content management system CMS. OTCMS has a database backup file download vulnerability, which can be exploited by attackers to obtain sensitive information...
Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name
!/usr/bin/env python -- coding: utf8 -- Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name Exploit Authentication Bypass Login with MD5 hash CVE: CVE-2019-7666, CVE-2019-7667 Advisory: https://applied-risk.com/resources/ar-2019-007 Paper:...
FlexAir Access Control 2.3.35 - Authentication Bypass Exploit
Exploit for hardware platform in category web applications Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
Smartweares HOME easy Information Disclosure Vulnerability
Smartweares HOME easy is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
Smartwares HOME Easy 1.0.9 Database Backup Information Disclosure
!/bin/bash Smartwares HOME easy v1.0.9 Database Backup Information Disclosure Exploit Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Summary: Home Easy/Smartwares are a range of products designed to remotely control your home using wireless technology. Hom...
Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure
Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5541...
Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Vulnerability
Exploit for hardware platform in category web applications Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Author: LiquidWorm Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5541 Advisory URL:...
Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure
Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5541 Advisory URL:...
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress Database Backup Plugin Remote Code Execution
A remote code execution vulnerability exists in WordPress Database Backup Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress wp-database-backup plugin cross-site request forgery vulnerability (CNVD-2019-27694)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site request forgery vulnerability...
WordPress wp-database-backup plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site request forgery vulnerability...
WordPress wp-database-backup plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site scripting vulnerability exists i...
WordPress wp-database-backup plugin cross-site scripting vulnerability (CNVD-2019-27696)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site scripting vulnerability exists i...
WordPress wp-database-backup plugin cross-site scripting vulnerability (CNVD-2019-27695)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site scripting vulnerability exists i...
CVE-2019-14949
The wp-database-backup plugin before 5.1.2 for WordPress has XSS...
CVE-2019-14949
The wp-database-backup plugin before 5.1.2 for WordPress has XSS...
CVE-2016-10875
The wp-database-backup plugin before 4.3.1 for WordPress has XSS...
CVE-2016-10874
The wp-database-backup plugin before 4.3.3 for WordPress has CSRF...