10 matches found
PT-2026-49214
WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the delete backup file and download backup file parameters in tools.php. Attackers can exploit insufficient input validation...
CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 Networks BIG-IP : iControl SOAP vulnerability (K000160973)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160973 advisory. A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrato...
CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42063 iControl SOAP vulnerability
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42063 iControl SOAP vulnerability
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2026-40668
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An authenticated attacker with the Resource Administrator or Administrator role can download sensitive files via iContro...
EUVD-2020-7081
Malware in sbrugna...
CVE-2015-10134 Simple Backup <= 2.7.10 - Arbitrary File Download via Path Traversal
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the downloadbackupfile function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such...
PT-2023-19530 · Rconfig · Rconfig
Name of the Vulnerable Software and Affected Versions: rConfig version 6.8.0 Description: The issue allows attackers to download sensitive files via a crafted HTTP request, potentially exposing sensitive information. Recommendations: For rConfig version 6.8.0, at the moment, there is no informati...