WordPress Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. It supports personal blog sites on servers running PHP and MySQL. The Database Backups WordPress plugin through 1.2.2.6 contains a cross-site request forgery vulnerability that can be exploite...
Database Backups <= 1.2.2.6 - CSRF to Backup Download
The plugin does not have CSRF checks, allowing attackers to make a logged-in user perform unwanted actions, such as generating backups of the database, changing the plugin's settings and deleting backups. When generating a backup, the file is created in the /wp-content/uploads/database-backups directory, with ...
File Manager < 6.5 - Backup File Directory Listing
The File Manager WordPress plugin could expose backup files if the web server had Directory Listing enabled. The File Manager WordPress plugin, version 6.4 and lower, failed to restrict external access to the fmbackups directory with a .htaccess file. This resulted in the ability for...
Arbitrary file download vulnerability in Swordfish Forum
Swordfish Forum is a bbs forum system officially and publicly released by Catfish CMS. Swordfish Forum has an arbitrary file download vulnerability that can be exploited by attackers to download database backup files...
Command injection
In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases...
CVE-2019-11029
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This...
CVE-2018-20887
cPanel before 74.0.0 allows SQL injection during database backups SEC-420...
Prima FlexAir Database Configuration Backup Download Vulnerability
Prima Systems FlexAir is an access control system from Prima Systems in Slovenia. A database configuration backup download vulnerability exists in Prima FlexAir version 2.3.38 and earlier. The vulnerability stems from a predictable file name. An attacker could exploit the vulnerability to downloa...
Information Disclosure Vulnerability in DSCMS Enterprise Content Management System V1.4
DSCMS Enterprise Station Content Management System is an enterprise website system. An information disclosure vulnerability exists in DSCMS Enterprise Station Content Management System V1.4. An attacker can exploit this vulnerability to obtain database backup files...
CVE-2019-12564
In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...
RingsDB Software 1.0.0 Database Disclosure
Exploit Title : RingsDB Software 1.0.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/04/2019 Vendor Homepage : ringsdb.com Software Download Link : github.com/Sydtrack/ringsdb/archive/1.0.0.zip Software Information Link : ringsdb.com/abo...
WordPress Plugin Lumise Database Backup Leakage Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Lumise. An attacker can exploit the vulnerability to obtain sensitive...
WordPress Plugin Ithemes-BackupBuddy Amazon WP-S3 Information Disclosure Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in the WordPress plugin Ithemes-BackupBuddy Amazon WP-S3. An attacker can...
WordPress Plugin MagicMembers Information Disclosure Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in the WordPress plugin MagicMembers. An attacker can exploit the vulnerabilit...
Kaseya VSA R9.2 Arbitrary File Read Vulnerability
A security vulnerability was found in the Kaseya VSA file download functionality. Using this vulnerability, an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server, including Kaseya source code, database backups, configuration files, and even...
Kaseya VSA R9.2 Arbitrary File Read
Arbitrary file read in Kaseya VSA. Kin Hung Cheng, Robert Hartshorn, May 2017...