
774 matches found

WPVulnDB
added 2016/08/01 12:0 a.m. | 20 views

WP Database Backup < 4.3.1 - CSRF & XSS

The WP Database Backup WordPress plugin was affected by a CSRF & XSS security vulnerability...

4.3 CVSS | 2.2 AI score | 0.00924 EPSS
Exploits: 0 | Affected Software: 1

Packet Storm
added 2016/05/25 12:0 a.m. | 30 views

Teampass 2.1.25 Unauthenticated Access

Document Title: Teampass v2.1.25 - Unauthenticated Access Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1844. Release Date: 2016-05-18. Vulnerability Laboratory ID (VL-ID): 18...

0.7 AI score
Exploits: 0

Veeam
added 2016/03/23 12:0 a.m. | 17 views

Transaction Log Truncation Failure for MSSQL Instances on Shared VHDX

Challenge: When attempting to run a backup job for a Microsoft SQL Server that is in either a SQL Server Failover Cluster or AlwaysOn Failover Cluster with a shared VHDX, the backup job reports the warning: Failed to truncate transaction logs for SQL instances: . Possible reasons: lack of...

7.5 AI score
Exploits: 0

seebug.org
added 2016/01/29 12:0 a.m. | 21 views

WordPress backup and restore plugin WP Backitup Lite database backup file disclosure vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

myhack58
added 2015/12/20 12:0 a.m. | 23 views

emlog automatic backup plug-in leaks the entire site database backup - vulnerability warning - the black bar safety net

This is my third time in your blog to find the fatal flaw. The first is a third-party Storage, the solution is to delete. The second is "EMLOG album", which is this article: is. The third time is this time, I wrote one using the script, directly to your blog, the whole site backup file down under,...

6.9 AI score
Exploits: 0

0day.today
added 2015/12/10 12:0 a.m. | 26 views

Geeklog 2.1.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications. Geeklog 2.1.0 - Command Injection, XSS, Command Injection Vulnerabilities. Overview: The admin area of Geeklog suffers from two vulnerabilities that can lead to code execution: OS Command Injection and Upload of Files with Dangerous Type. The...

7.1 AI score
Exploits: 0

seebug.org
added 2015/10/16 12:0 a.m. | 21 views

ZeusCMS 0.2 admin/backup.sql database backup file disclosure

No description provided by source...

7.1 AI score
Exploits: 0

seebug.org
added 2015/10/09 12:0 a.m. | 25 views

emlog automatic backup-and-send-to-email plugin full-site database backup disclosure vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

Patchstack
added 2015/08/20 12:0 a.m. | 13 views

WordPress Database Backup Plugin <= 3.3 - Stored Cross-Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution: Update the plugin...

2.1 AI score
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2015/06/10 6:59 p.m. | 24 views

CVE-2014-8605

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to a backup file in administrators/backups/...

5 CVSS | 6.2 AI score | 0.07117 EPSS
Exploits: 2 | References: 2

Prion
added 2015/06/10 6:59 p.m. | 20 views

Improper access control

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to a backup file in administrators/backups/...

5 CVSS | 6.7 AI score | 0.07117 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2015/06/10 6:0 p.m. | 38 views

CVE-2014-8605

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to a backup file in administrators/backups/...

6.2 AI score | 0.07117 EPSS
Exploits: 2 | References: 2

CVE
added 2015/06/10 6:0 p.m. | 40 views

CVE-2014-8605

The CVE concerns the XCloner Backup and Restore plugin for WordPress (v3.1.1) and Joomla! (v3.5.1), where database backup files are stored under the web root with predictable names due to insufficient access control. This allows remote attackers to obtain sensitive information by directly request...

5 CVSS | 6.3 AI score | 0.07117 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

Check Point Advisories
added 2015/03/02 12:0 a.m. | 4 views

Symantec Encryption Management Server Database Backup Command Injection (CVE-2014-7288)

A command-injection vulnerability has been reported in Symantec Encryption Management Server. The vulnerability is due to insufficient sanitization of user-supplied input when processing database backup commands from the Web UI. A remote, authenticated attacker could exploit this vulnerability by...

9 CVSS | 6.2 AI score | 0.08116 EPSS
Exploits: 1

Veeam
added 2015/02/03 12:0 a.m. | 14 views

LabTech Database Backup Tasks Run Too Long

Challenge: With Veeam Plug-in for LabTech, the database backup tasks run for an extended period of time. Cause: This happens due to the growth of pluginveeambrsystemlog table. Solution: The issue should be fixed in later releases. In the meantime, a workaround is available. Download the fix here...

6.8 AI score
Exploits: 0

NVD
added 2015/02/01 2:59 a.m. | 17 views

CVE-2014-7288

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...

9 CVSS | 7.2 AI score | 0.08116 EPSS
Exploits: 1 | References: 6

Prion
added 2015/02/01 2:59 a.m. | 13 views

Design/Logic Flaw

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...

9 CVSS | 7.8 AI score | 0.08116 EPSS
Exploits: 1 | References: 6 | Affected Software: 2

Cvelist
added 2015/02/01 2:0 a.m. | 23 views

CVE-2014-7288

Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...

7.2 AI score | 0.08116 EPSS
Exploits: 1 | References: 6

CNVD
added 2015/01/30 12:0 a.m. | 3 views

Symantec Encryption Management Server Local Command Injection Vulnerability

Symantec Encryption Management Server is a single console for managing multiple encryption applications in the PGP platform. A command injection vulnerability exists in Symantec Encryption Management Server's handling of database backup recovery, which could be exploited by a remote attacker to...

9 CVSS | 7.8 AI score | 0.08116 EPSS
Exploits: 1 | References: 1

Symantec
added 2015/01/29 8:0 a.m. | 37 views

Symantec Encryption Management Server Database Backup Command Line Injection and Email Header Inject

SUMMARY: Symantec Encryption Management Server is susceptible to a shell command line injection when an authorized, but less privileged administrator, is submitting a request for a database backup. This could potentially result in the malicious administrator gaining privileged access on the server...

9 CVSS | 0.3 AI score | 0.08116 EPSS
Exploits: 1 | Affected Software: 1