774 matches found
Rvsitebuilder CMS - Database Backup Download
Exploit Title: Rvsitebuilder CMS Database Backup Download Exploit Author: Hesam Bazvand Contact: [email protected] Software Link: http://www.rvsitebuilder.com Version: All Version Tested on: Windows 7 / Kali Linux Category: WebApps Dork : inurl:rvsindex.php & /rvsindex.php?/user/login Explo...
Code Execution Vulnerability in Netnifty CMS v7.3
Netnew CIMS is an intelligent program developed professionally for building personal and corporate websites. A code execution vulnerability exists in Netnifty CMS v7.3, which can be exploited to obtain a webshell due to insufficient filtering of the parameters of the database file to be backed up...
Odoo Database Backup Authentication Vulnerability
Odoo, formerly known as OpenERP, is an enterprise resource planning (ERP) and customer relationship management (CRM) system. The system is developed in Python with PostgreSQL as the database and includes modules for sales management, inventory management and financial management. A security...
CSRF Vulnerability in DayuCMS
DayuCMS is a marketing-centered CMS that incorporates search engine algorithms to serve businesses and individual webmasters. A CSRF vulnerability exists in DayuCMS. An attacker can exploit the vulnerability to complete automatic database backup, further expose the database path and...
File Upload Vulnerability in SEMCMS_ASP_v4.5
SemCMS is an open source website management system for foreign trade enterprises, written in VBScript and running on IIS. SemCMS is well suited to foreign trade enterprises and e-commerce use. SemCms ASPv4.5 version of the editor database backup file upload vulnerability,...
CVE-2014-9147
Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/...
Information disclosure
Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/...
CVE-2014-9147
CVE-2014-9147 affects Fiyo CMS 2.0.1.8. The vulnerability allows remote attackers to obtain sensitive information by directly requesting the database backup file in the ".backup/" path. The NVD entry records a high-severity vector (CVSSv3: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, base score 7.5) with...
How to delete the Device Entry for a User directly from the SQL Database
For some reason, such as data corruption or null pointers, device information is not getting removed from the XenMobile Console. This can be deleted directly from the database by running the SQL command below. Please take a DB backup before running the SQL query below. First obtain the Device ID...
CVE-2017-11379
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...
Information disclosure
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...
CVE-2016-5483
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...
Open edX edx-platform Information Disclosure Vulnerability
Open edX edx-platform is a free and open source course management system (CMS) created by Harvard University and the Massachusetts Institute of Technology (MIT). A security vulnerability exists in versions of Open edX edx-platform prior to 2015-08-25. An attacker could exploit the...
Information disclosure
Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging access to a database backup...
Privilege elevation vulnerability in the emlog personal blog system admin backend
Affected version: emlog = 5.1.2. Prerequisites: an admin backend login is required. Exploit: after logging in to the backend, visit the admin/?action=phpinfo page to get the website's physical path. On the database backup page, back up the database, export it to a local computer, and then edit the exported .sql format ...
Syrian's joomla 1.6.x Download Database Backup
No description provided by source...
Database Backup Download Vulnerability in Joomla!
Joomla! is an open source content management system (CMS). A database backup download vulnerability exists in Joomla! version 1.6.x. The vulnerability stems from the program's failure to adequately filter user-submitted input, which can be exploited by an attacker to download database backups to...
WP Database Backup <= 4.3.5 - Cross-Site Request Forgery (CSRF)
The WP Database Backup WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability...
How to take a XenServer toolstack (XAPI) database dump and view it
XenServer stores the vital information related to objects such as VM, VIF, VDI, PBD in an XML format file under /var/xapi/state.db. This file is synced between pool members at regular intervals to maintain a consistent view of the XenServer pool. We recommend that you back up this XAPI database file. Th...