146 matches found
webERP 安全漏洞
webERP is an open-source ERP system developed by Tim Schofield. It supports inventory management, permission role management, order management, and financial management. Version 4.15.1 of webERP contains a security vulnerability caused by an unverified file access flaw. Attackers can directly...
Improper Access Control
craftcms/cms is vulnerable to Improper Access Control. The vulnerability is due to missing authentication checks on certain administrative actions, which allows an unauthenticated attacker to trigger database backup operations and potentially cause resource exhaustion or information disclosure...
CVE-2025-68456
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 3.0.0 through 4.16.16, unauthenticated users can trigger database backup operations via specific admin actions, potentially leading to resource exhaustion or information disclosure. Users should update ...
CVE-2025-68456
CVE-2025-68456 affects Craft CMS versions 5.0.0-RC1–5.8.20 and 3.0.0–4.16.16, where unauthenticated users can trigger database backup operations via the admin action path updater/backup. The underlying issue is exposed across all updater actions configured for anonymous access, enabling a backup ...
CVE-2025-68456 Unauthenticated Craft CMS users can trigger a database backup
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 3.0.0 through 4.16.16, unauthenticated users can trigger database backup operations via specific admin actions, potentially leading to resource exhaustion or information disclosure. Users should update ...
GHSA-V64R-7WG9-23PR Unauthenticated Craft CMS users can trigger a database backup
Unauthenticated users can trigger database backup operations the updater/backup action, potentially leading to resource exhaustion or information disclosure. Users should update to the patched versions 5.8.21 and 4.16.17 to mitigate the issue. Craft 3 users should update to the latest Craft 4 and...
PT-2026-1193
Name of the Vulnerable Software and Affected Versions Craft versions 5.0.0-RC1 through 5.8.20 Craft versions 3.0.0 through 4.16.16 Description Unauthenticated users can initiate database backup operations through certain administrative actions. This could lead to resource exhaustion or informatio...
CVE-2020-36887 SpinetiX Fusion Digital Signage 3.4.8 Unauthenticated Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 contains an unauthenticated information disclosure vulnerability in the database backup directory. Attackers can access the /content/files/backups/ endpoint to download sensitive backup files containing user credentials and system information...
CVE-2020-36887 SpinetiX Fusion Digital Signage 3.4.8 Unauthenticated Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 contains an unauthenticated information disclosure vulnerability in the database backup directory. Attackers can access the /content/files/backups/ endpoint to download sensitive backup files containing user credentials and system information...
EUVD-2021-11088
Malware in sbrugna...
EUVD-2010-2476
Malware in sbrugna...
EUVD-2004-1718
Malware in sbrugna...
EUVD-2012-2885
Malware in sbrugna...
EUVD-2006-3825
Malware in sbrugna...
EUVD-2008-5823
Malware in sbrugna...
EUVD-2007-0062
Malware in sbrugna...
EUVD-2018-13425
Malware in sbrugna...
EUVD-2025-1849
Malicious code in bioql PyPI...
EUVD-2023-46278
Malicious code in bioql PyPI...
EUVD-2023-0134
Malicious code in bioql PyPI...