
774 matches found

Packet Storm
added 2018/11/22 12:0 a.m. | 139 views

WordPress Universal Post Manager 1.5.0 Database Disclosure

Exploit Title : WordPress universal-post-manager 1.5.0 Plugins Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/11/2018 Vendor Homepage : wordpress.org/support/plugin/universal-post-manager/...

7.4 AI score
Exploits: 0

CNVD
added 2018/11/21 12:0 a.m. | 1 views

WordPress TemplateOne Themes Dubicars Database Backup Information Disclosure Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in WordPress TemplateOne Themes Dubicars Database Backup. An attacker can...

6 AI score
Exploits: 0 | References: 1

CNVD
added 2018/11/21 12:0 a.m. | 2 views

Joomla com_macgallery Install-Uninstall Database Backup Information Disclosure Vulnerability

Joomla is an open source content management system CMS. An information disclosure vulnerability exists in Joomla com_macgallery Install-Uninstall Database Backup. An attacker can exploit to obtain sensitive information...

6.2 AI score
Exploits: 0 | References: 1

CNVD
added 2018/11/05 12:0 a.m. | 3 views

Information leakage vulnerability in DouPHP database

DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. An information leakage vulnerability exists in DouPHP database. The vulnerability is due to its database backup function do...

6.6 AI score
Exploits: 0

CNVD
added 2018/11/05 12:0 a.m. | 0 views

PbootCMS Database Backup File Has Information Leakage Vulnerability

PbootCMS is a new core open source enterprise building system developed by Avantech. There is an information leakage vulnerability in the database backup file of PbootCMS. Attackers can use the vulnerability to obtain sensitive information...

6.5 AI score
Exploits: 0

OSV
added 2018/10/18 9:29 p.m. | 3 views

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand unsafely, resulting in predictable database backup file locations...

7.5 CVSS | 5.8 AI score | 0.01208 EPSS
Exploits: 1 | References: 1

NVD
added 2018/10/18 9:29 p.m. | 12 views

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand unsafely, resulting in predictable database backup file locations...

7.5 CVSS | 7.5 AI score | 0.01208 EPSS
Exploits: 1 | References: 1

Prion
added 2018/10/18 9:29 p.m. | 16 views

Design/Logic Flaw

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand unsafely, resulting in predictable database backup file locations...

5 CVSS | 7.5 AI score | 0.01208 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2018/10/18 9:0 p.m. | 17 views

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand unsafely, resulting in predictable database backup file locations...

7.6 AI score | 0.01208 EPSS
Exploits: 1 | References: 1

CVE
added 2018/10/18 9:0 p.m. | 38 views

CVE-2018-18487

The CVE-2018-18487 entry affects Gxlcms v2.0, specifically the database backup filename generation in \lib\admin\action\dataaction.class.php. The vulnerability stems from using mt_rand() in filename creation, causing predictable backup file locations. The documents do not provide exploit details,...

7.5 CVSS | 7.5 AI score | 0.01208 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

CNVD
added 2018/08/30 12:0 a.m. | 2 views

Backend Command Execution Vulnerability

Crossday Discuz! Board abbreviated as Discuz! is a generalized community forum software system launched by Beijing Kangsheng Xinchuang Technology Limited Liability Company. A command execution vulnerability exists in the backend database backup function of Discuz!1.5-2.5 versions. An attacker can...

9 CVSS | 7.7 AI score | 0.10615 EPSS
Exploits: 1 | References: 1

Packet Storm
added 2018/08/23 12:0 a.m. | 100 views

OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

Title: Multiple vulnerabilities in OSCAR EMR Product: OSCAR EMR Vendor: Oscar McMaster Tested version: 15.21beta361 Remediation status: Unknown Reported by: Brian D. Hysell ----- Product Description: "OSCAR is open-source Electronic Medical Record EMR software that was first developed at McMaster...

7.5 CVSS | 0.95821 EPSS
Exploits: 4

CNVD
added 2018/08/17 12:0 a.m. | 1 views

Code Execution Vulnerability in EmpireCMS

EmpireCMS is a free content management system CMS. EmpireCMS 7.5 and previous versions have a code execution vulnerability, the vulnerability stems from the database table name is not verified when backing up the database in the background, an attacker can modify the database table name, exploit...

8.1 AI score
Exploits: 0

HackRead
added 2018/08/02 12:40 a.m. | 35 views

Reddit hacked: Hackers steal complete copy of old database backup

By Waqas Reddit says the breach took place after hackers intercepted SMS that were supposed to be delivered to employees. The social media giant Reddit has announced that it has suffered a data breach in which attackers hacked into its system and ended up stealing data of its registered users...

2.3 AI score
Exploits: 0

ThreatPost
added 2018/08/01 6:33 p.m. | 9 views

Reddit Breach Stems from SMS Two-Factor Authentication Breakdown

Reddit confirmed Wednesday that a hacker broke into its systems and has accessed user data – including email addresses and passwords for accounts. The company said in a post today that the compromise occurred between June 14 and June 18, and it detected the incident on June 19. “We learned that a...

0.4 AI score
Exploits: 0 | References: 3

CNVD
added 2018/07/25 12:0 a.m. | 1 views

Multiple vulnerabilities in PCWAP mobile PC website information management system

PCWAP cell phone PC website information management system is a set of PC and WAP cell phone version of the website can be achieved in the same back-end management of PHP free open-source cell phone station CMS system. PCWAP cell phone PC website information management system has information...

7 AI score
Exploits: 0

Veeam
added 2018/05/14 2:14 p.m. | 11 views

Event ID 9782 is thrown after successful backup

Challenge During Exchange 2010 application aware backup with "Copy only" option enabled you notice following events in Application event log on Exchange server: Log Name: Application Source: MSExchangeIS Date: 5/10/2018 5:38:39 PM Event ID: 9782 Task Category: Exchange VSS Writer Level: Error...

6.8 AI score
Exploits: 0

OpenVAS
added 2018/04/20 12:0 a.m. | 919 views

Sensitive File Disclosure (HTTP)

The script attempts to identify files containing sensitive data at the remote web server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5 CVSS | 7.7 AI score | 0.8703 EPSS
Exploits: 4

0day.today
added 2018/04/18 12:0 a.m. | 60 views

Rvsitebuilder CMS - Database Backup Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Rvsitebuilder CMS Database Backup Download Exploit Author: Hesam Bazvand Contact: email protected Software Link: http://www.rvsitebuilder.com Version: All Version Tested on: Windows 7 / Kali Linux Category: WebApps Dork :...

0.2 AI score
Exploits: 0

exploitpack
added 2018/04/18 12:0 a.m. | 9 views

Rvsitebuilder CMS - Database Backup Download

Rvsitebuilder CMS - Database Backup Download Exploit Title: Rvsitebuilder CMS Database Backup Download Exploit Author: Hesam Bazvand Contact: [email protected] Software Link: http://www.rvsitebuilder.com Version: All Version Tested on: Windows 7 / Kali Linux Category: WebApps Dork :...

0.1 AI score
Exploits: 0