Lucene search
K

29 matches found

Prion
Prion
added 2020/09/15 1:15 p.m.17 views

Path traversal

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

3.5CVSS7.5AI score0.00962EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/09/15 1:15 p.m.14 views

Cross site scripting

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...

3.5CVSS5.3AI score0.00777EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/09/15 12:52 p.m.24 views

CVE-2020-24925

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

7.5AI score0.00962EPSS
Exploits1References2
CVE
CVE
added 2020/09/15 12:52 p.m.53 views

CVE-2020-24925

Summary: CVE-2020-24925 affects ElkarBackup v1.3.3 and exposes a sensitive source code path disclosure. What is affected: ElkarBackup, component path disclosure in the web UI, specifically the jobs/sort path, which reveals the full source code path: /app/elkarbackup/src/Binovo/ElkarBackupBundle/C...

7.5CVSS7.5AI score0.00962EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/09/15 12:50 p.m.16 views

CVE-2020-24924

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...

5.4AI score0.00777EPSS
Exploits1References3
CVE
CVE
added 2020/09/15 12:50 p.m.34 views

CVE-2020-24924

ElkarBackup v1.3.3 contains a persistent cross-site scripting vulnerability that can allow an attacker to steal a user session cookie. The issue is located in the Policies → action → Name parameter. Multiple connected sources (Red Hat, CNVD, NVD, CVE lists) corroborate the vulnerability as a cros...

5.4CVSS5.4AI score0.00777EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2020/08/20 12:0 a.m.320 views

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default...

Exploits0
Packet Storm
Packet Storm
added 2020/08/20 12:0 a.m.302 views

ElkarBackup 1.3.3 Cross Site Scripting

Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/20 12:0 a.m.314 views

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting

Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...

7.4AI score
Exploits0
Rows per page
Query Builder