49 matches found
Kliqqi CMS 安全漏洞
Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of a cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=files does not adequately verify that the request is from a trusted user , an attacker ca...
Kliqqi CMS 安全漏洞
Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of a cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=clearall does not adequately verify that the request is from a trusted user , an attacker...
PT-2024-30055 · Pligg Cms · Pligg Cms
Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This vulnerability can be exploited via the "/admin/admin backup.php" endpoint, specifically when the dobackup parameter is set to...
Kliqqi CMS 安全漏洞
Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of the cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=avatars do not adequately verify that the request is from a trusted user , an attacker...
CVE-2024-40331
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/dbBakMySQLdeal.php?mudi=backup...
CVE-2024-40329
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/softBakdeal.php?mudi=backup...
Net Titanium Technology idcCMS Security Breach
Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in Net Titanium Technology idcCMS v1.35, which was discovered to contain a Cross Site...
CVE-2020-21862
Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...
DuxCMS 路径遍历漏洞
DuxCMS is an open source content management system. A security vulnerability exists in DuxCMS version 2.1, which stems from a directory traversal vulnerability that allows an attacker to delete arbitrary files via /admin/AdminBackup/del...
PT-2023-11605 · Duxcms · Duxcms
Name of the Vulnerable Software and Affected Versions: DuxCMS version 2.1 Description: A directory traversal issue allows attackers to delete arbitrary files via the /admin/AdminBackup/del API endpoint. This enables attackers to potentially disrupt system functionality or destroy sensitive data...
CVE-2023-27180
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /admin/backup.php...
GDidees CMS 安全漏洞
GDidees CMS is a website builder from GDidees. A security vulnerability exists in GDidees CMS version v3.9.1, which originates from a source code leak for the backup function. An attacker can exploit the vulnerability to access the code via /admin/backup.php...
CVE-2022-46967
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...
CVE-2022-28527
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...
CVE-2022-28527
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...
DhCms 路径遍历漏洞
DhCms Dinghua Cloud CMS is a content management system based on PHP and MySQL. A security vulnerability exists in DhCms version 20170919, which originated from an arbitrary folder deletion vulnerability found via /admin.php?r=admin/AdminBackup/del...
CVE-2021-44111
A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup...
CVE-2021-44111
A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup...
CVE-2019-11515
core/classes/dbbackup.php in Gila CMS 1.10.1 allows admin/dbbackup?download= absolute path traversal to read arbitrary files...
CVE-2019-6691
phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb parameter, related to the "--backup database" option...