29 matches found
CVE-2020-24924
A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...
CVE-2020-24925
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...
EUVD-2020-17629
Malware in sbrugna...
EUVD-2020-17628
Malware in sbrugna...
EUVD-2020-22927
Malware in sbrugna...
CVE-2020-35249
Cross Site Scripting XSS vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature...
CVE-2020-35249
Cross Site Scripting XSS vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature...
CVE-2020-35249
Cross Site Scripting XSS vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature...
Cross site scripting
Cross Site Scripting XSS vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature...
CVE-2020-35249
Cross Site Scripting XSS vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature...
CVE-2020-35249
CVE-2020-35249 affects ElkarBackup 1.3.3. It is a Cross Site Scripting (XSS) vulnerability where an attacker can execute arbitrary code through the name parameter in the add client feature. The impact described is browser-executed code via the vulnerable input. Referenced exploit material exists ...
ElkarBackup 跨站脚本漏洞
ElkarBackup is an open source backup product based on RSync/RSnapshot technology to backup data on windows/linux platforms. ElkarBackup cross-site scripting vulnerability , the vulnerability stems from the lack of WEB applications on the client data correctly validated . An attacker can exploit...
ElkarBackup 1.3.3 Cross Site Scripting
Exploit Title: ElkarBackup 1.3.3 - 'Policyname' and 'PolicyDescription' Stored Cross-site Scripting Date: 2020-08-22 Exploit Author: Vyshnav NK Vendor Homepage: https://www.elkarbackup.org/ Software Link: https://github.com/elkarbackup/elkarbackup/wiki/Installation Version: 1.3.3 Tested on: Linux...
ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting
Exploit Title: ElkarBackup 1.3.3 - 'Policyname' and 'PolicyDescription' Stored Cross-site Scripting Date: 2020-08-22 Exploit Author: Vyshnav NK Vendor Homepage: https://www.elkarbackup.org/ Software Link: https://github.com/elkarbackup/elkarbackup/wiki/Installation Version: 1.3.3 Tested on: Linux...
ElkarBackup Path Traversal Vulnerability
ElkarBackup is a free open source backup solution based on RSync/RSnapshot. ElkarBackup 1.3.3 suffers from a sensitive source code path disclosure vulnerability. An attacker can exploit this vulnerability to view the path to the jobs/sort source code, which can be used to identify the code...
ElkarBackup Cross-Site Scripting Vulnerability
ElkarBackup is a free open source backup solution based on RSync/RSnapshot. A persistent cross-site scripting vulnerability exists in the Policies action Name parameter in ElkarBackup 1.3.3. An attacker can exploit this vulnerability to steal user session cookies...
CVE-2020-24925
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...
CVE-2020-24924
A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...
CVE-2020-24924
A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...
CVE-2020-24925
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...