Lucene search
K

29 matches found

CVE
CVE
added 2026/06/15 12:0 p.m.16 views

CVE-2018-25437

CVE-2018-25437 concerns WordPress CherryFramework Themes 3.1.4, where an information disclosure vulnerability lets unauthenticated attackers download sensitive backup files via download_backup.php in admin/data_management, exposing the entire wp-content/themes directory. According to the provided...

8.7CVSS5.3AI score0.00287EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 12:0 p.m.8 views

EUVD-2018-21959

WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...

8.7CVSS5.2AI score0.00287EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 12:0 p.m.9 views

EUVD-2016-10888

WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the deletebackupfile and downloadbackupfile parameters in tools.php. Attackers can exploit insufficient input validation usi...

8.7CVSS5.5AI score0.00601EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49214

WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the delete backup file and download backup file parameters in tools.php. Attackers can exploit insufficient input validation...

8.7CVSS5.5AI score0.00601EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.9 views

CVE-2026-7257

UNSUPPORTED WHEN ASSIGNED An insecure storage of sensitive information vulnerability in the configuration file of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow a local attacker with administrator privileges to download and decrypt a backup configuration file...

4.4CVSS5.4AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 5:32 p.m.15 views

EUVD-2026-33396

An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes...

5.9CVSS5.8AI score0.00169EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44928

Name of the Vulnerable Software and Affected Versions Danelec MacGregor Voyage Data Recorder affected versions not specified Description An authenticated user can download a backup of the device, which contains account data and password hashes. Recommendations At the moment, there is no informati...

5.9CVSS5.8AI score0.00169EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/12 6:31 a.m.10 views

EUVD-2026-29377

UNSUPPORTED WHEN ASSIGNED An insecure storage of sensitive information vulnerability in the configuration file of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow a local attacker with administrator privileges to download and decrypt a backup configuration file...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/15 1:21 a.m.4 views

EUVD-2024-55036

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS6.7AI score0.00418EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.4 views

HuiJieTong Cloud Video Platform 安全漏洞

HuiJieTong Cloud Video Platform is a cloud video platform from China-based HuiJieTong. A security vulnerability exists in HuiJieTong Cloud Video Platform, which can be exploited by an unauthenticated attacker to provide an arbitrary file path to the fullPath parameter of the...

8.7CVSS9.1AI score0.00418EPSS
Exploits0References3
Prion
Prion
added 2024/02/15 8:15 p.m.9 views

Directory traversal

Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the downloadbackup.php component...

8AI score0.01417EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/15 12:0 a.m.4 views

flusity CMS Security Vulnerability

flusity CMS is a user interactive interface solution where code can be easily changed or added. A security vulnerability exists in flusity CMS version v.2.4, which stems from a path traversal vulnerability in the component downloadbackup.php...

9.8CVSS7.1AI score0.01417EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/09/06 12:0 a.m.4 views

Delinea Secret Server Security Vulnerability

Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server versions v10.9.000002 and v11.4.000002, which originates from allowing an authenticated user with administrative privileges to create a backup file in the...

6.8CVSS6.5AI score0.00286EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2023/06/22 12:0 a.m.325 views

Zstore 6.5.4 Database Disclosure

==================================================================================================================================== | Title : Zstore version 6.5.4 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit ...

7.1AI score
Exploits0
NVD
NVD
added 2023/03/07 3:15 p.m.22 views

CVE-2022-4931

The BackupWordPress plugin for WordPress is vulnerable to information disclosure in versions up to, and including 3.12. This is due to missing authorization on the heartbeatreceived function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with...

4.3CVSS4.2AI score0.00458EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2017/09/29 12:0 a.m.31 views

Roteador Wireless Intelbras WRN150 Authentication Bypass

Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux, windows 7, 8.1, 10 For more info:...

0.8AI score
Exploits0
CNVD
CNVD
added 2017/09/28 12:0 a.m.3 views

Wordpress BackWPup Plugin File Download Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site.BackWPup is one of the automatic backup plugin. A security vulnerability exists in versions of the Wordpress BackWPup...

7.5CVSS7.3AI score0.01671EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Kasseler CMS 2.0.5 - Bypass / Download Backup Vulnerability

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/04/25 12:0 a.m.53 views

CitusCMS 0.6 Backup Disclosure

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/04/24 12:0 a.m.23 views

CitusCMS <= 0.6 Download Backup Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Rows per page
Query Builder