Lucene search
+L

85 matches found

cvelist
cvelist
added 2024/05/28 12:21 p.m.27 views

CVE-2024-5413 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro

A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...

7.1CVSS7AI score0.00277EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/05/28 12:21 p.m.15 views

CVE-2024-5413 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro

A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...

7.1CVSS6.6AI score0.00277EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/05/28 12:0 a.m.7 views

PhpMyBackupPro 跨站脚本漏洞

PhpMyBackupPro is a very easy to use, free web-based MySQL backup application from the Chris Younger project. A cross-site scripting vulnerability exists in PhpMyBackupPro version 2.3, which stems from a cross-site scripting vulnerability in the view parameter of /phpmybackuppro/getfile.php, whic...

7.1CVSS6AI score0.00252EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/05/28 12:0 a.m.6 views

PT-2024-36060 · Unknown · Phpmybackuppro

Name of the Vulnerable Software and Affected Versions: PhpMyBackupPro version 2.3 Description: A vulnerability has been discovered that could allow an attacker to execute XSS through the "/phpmybackuppro/scheduled.php" API endpoint, utilizing all parameters. This issue could enable an attacker to...

7.1CVSS6.1AI score0.00277EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/05/28 12:0 a.m.7 views

PT-2024-36073

Name of the Vulnerable Software and Affected Versions: PhpMyBackupPro version 2.3 Description: A vulnerability has been discovered that could allow an attacker to execute XSS through the "/phpmybackuppro/backup.php" API endpoint, using the comments and db parameters. This could allow an attacker ...

7.1CVSS6.1AI score0.00276EPSS
Exploits0References6
cnnvd
cnnvd
added 2024/05/28 12:0 a.m.6 views

PhpMyBackupPro 跨站脚本漏洞

PhpMyBackupPro is a very easy to use, free web-based MySQL backup application from the Chris Younger project. A cross-site scripting vulnerability exists in PhpMyBackupPro version 2.3, which stems from a cross-site scripting vulnerability in /phpmybackuppro/scheduled.php, which allows an attacker...

7.1CVSS6AI score0.00277EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/05/28 12:0 a.m.7 views

PhpMyBackupPro 跨站脚本漏洞

PhpMyBackupPro is a very easy to use, free web-based MySQL backup application from the Chris Younger project. A cross-site scripting vulnerability exists in PhpMyBackupPro version 2.3, which stems from a cross-site scripting vulnerability in the comments, db parameter in /phpmybackuppro/backup.ph...

7.1CVSS6AI score0.00276EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/05/28 12:0 a.m.10 views

PT-2024-36068 · Unknown · Phpmybackuppro

Name of the Vulnerable Software and Affected Versions: PhpMyBackupPro version 2.3 Description: A vulnerability has been discovered that could allow an attacker to execute XSS through the "/phpmybackuppro/get file.php" API endpoint, using the view parameter. This could allow an attacker to create ...

7.1CVSS6.2AI score0.00252EPSS
Exploits0References3
nvd
nvd
added 2017/12/28 2:29 a.m.15 views

CVE-2015-3637

SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters...

8.1CVSS8.7AI score0.01368EPSS
Exploits0References2
prion
prion
added 2017/12/28 2:29 a.m.13 views

Sql injection

SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters...

6.8CVSS9.3AI score0.01368EPSS
Exploits0References2Affected Software1
cve
cve
added 2017/12/27 6:0 p.m.53 views

CVE-2015-3637

The CVE-2015-3637 entry describes a SQL injection vulnerability in phpMyBackupPro when run in multi-user mode prior to version 2.5. The vulnerability arises from improper handling of user-supplied input in multi-user mode, specifically through the username and password parameters, enabling remote...

8.1CVSS8.7AI score0.01368EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2017/12/27 6:0 p.m.23 views

CVE-2015-3637

SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters...

8.7AI score0.01368EPSS
Exploits0References2
cnvd
cnvd
added 2017/08/29 12:0 a.m.6 views

phpMyBackupPro path traversal vulnerability (CNVD-2017-30647)

phpMyBackupPro is a free web-based MySql backup tool. The tool supports automatic backup, timed backup, off-site backup MySql database. A directory traversal vulnerability exists in the getfile.php file in phpMyBackupPro versions 2.1 through 2.5. A remote attacker can read arbitrary files with th...

7.5CVSS7.6AI score0.11574EPSS
Exploits0References1
cnvd
cnvd
added 2017/08/29 12:0 a.m.7 views

phpMyBackupPro Path Traversal Vulnerability

phpMyBackupPro is a free web-based MySql backup tool. The tool supports automatic backup, timed backup, off-site backup MySql database. A directory traversal vulnerability exists in the getfile.php file in phpMyBackupPro versions 2.1 through 2.4. A remote attacker can read arbitrary files with th...

7.5CVSS7.5AI score0.02921EPSS
Exploits0References1
nvd
nvd
added 2017/08/25 6:29 p.m.20 views

CVE-2015-4180

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

7.5CVSS7.4AI score0.02921EPSS
Exploits0References1
nvd
nvd
added 2017/08/25 6:29 p.m.15 views

CVE-2015-4181

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

7.5CVSS7.4AI score0.11574EPSS
Exploits0References1
prion
prion
added 2017/08/25 6:29 p.m.14 views

Directory traversal

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

5CVSS7.5AI score0.11574EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2017/08/25 6:0 p.m.17 views

CVE-2015-4181

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

7.4AI score0.11574EPSS
Exploits0References1
cvelist
cvelist
added 2017/08/25 6:0 p.m.19 views

CVE-2015-4180

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. dot dot in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this...

7.4AI score0.02921EPSS
Exploits0References1
cve
cve
added 2017/08/25 6:0 p.m.49 views

CVE-2015-4181

CVE-2015-4181 affects phpMyBackupPro versions 2.1–2.5 (get_file.php) with a directory traversal via the view parameter, enabling remote attackers to read arbitrary files. The issue is documented across multiple sources (NVD/NVD-linked CNVD entries) as a path-traversal vulnerability in get_file.ph...

7.5CVSS7.4AI score0.11574EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder