Lucene search
K

49 matches found

CNNVD
CNNVD
added 2024/08/20 12:0 a.m.3 views

Kliqqi CMS 安全漏洞

Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of a cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=files does not adequately verify that the request is from a trusted user , an attacker ca...

8.8CVSS6.8AI score0.00279EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.2 views

Kliqqi CMS 安全漏洞

Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of a cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=clearall does not adequately verify that the request is from a trusted user , an attacker...

8.8CVSS6.8AI score0.00201EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.10 views

PT-2024-30055 · Pligg Cms · Pligg Cms

Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This vulnerability can be exploited via the "/admin/admin backup.php" endpoint, specifically when the dobackup parameter is set to...

8.8CVSS6.8AI score0.00201EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.4 views

Kliqqi CMS 安全漏洞

Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of the cross-site request forgery vulnerability , the vulnerability stems from /admin/adminbackup.php?dobackup=avatars do not adequately verify that the request is from a trusted user , an attacker...

8.8CVSS6.8AI score0.00208EPSS
Exploits1References2
OSV
OSV
added 2024/07/10 2:15 p.m.4 views

CVE-2024-40331

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/dbBakMySQLdeal.php?mudi=backup...

8.8CVSS5.8AI score0.00301EPSS
Exploits1References1
OSV
OSV
added 2024/07/10 1:15 p.m.5 views

CVE-2024-40329

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/softBakdeal.php?mudi=backup...

8.8CVSS5.8AI score0.00295EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.4 views

Net Titanium Technology idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in Net Titanium Technology idcCMS v1.35, which was discovered to contain a Cross Site...

8.8CVSS7.1AI score0.00301EPSS
Exploits1References2
OSV
OSV
added 2023/07/06 2:15 p.m.4 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del...

8.1CVSS5.9AI score0.00962EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.4 views

DuxCMS 路径遍历漏洞

DuxCMS is an open source content management system. A security vulnerability exists in DuxCMS version 2.1, which stems from a directory traversal vulnerability that allows an attacker to delete arbitrary files via /admin/AdminBackup/del...

8.1CVSS7.9AI score0.00962EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.5 views

PT-2023-11605 · Duxcms · Duxcms

Name of the Vulnerable Software and Affected Versions: DuxCMS version 2.1 Description: A directory traversal issue allows attackers to delete arbitrary files via the /admin/AdminBackup/del API endpoint. This enables attackers to potentially disrupt system functionality or destroy sensitive data...

8.1CVSS8AI score0.00962EPSS
Exploits1References3
OSV
OSV
added 2023/04/07 9:15 p.m.4 views

CVE-2023-27180

GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /admin/backup.php...

7.5CVSS7.2AI score0.0105EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/07 12:0 a.m.5 views

GDidees CMS 安全漏洞

GDidees CMS is a website builder from GDidees. A security vulnerability exists in GDidees CMS version v3.9.1, which originates from a source code leak for the backup function. An attacker can exploit the vulnerability to access the code via /admin/backup.php...

7.5CVSS7.5AI score0.0105EPSS
Exploits1References4
OSV
OSV
added 2023/01/26 11:15 p.m.2 views

CVE-2022-46967

An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...

9.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2022/04/26 9:15 p.m.4 views

CVE-2022-28527

dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...

8.1CVSS7.4AI score0.01029EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/26 9:15 p.m.5 views

CVE-2022-28527

dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...

8.1CVSS7.2AI score0.01029EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/26 12:0 a.m.6 views

DhCms 路径遍历漏洞

DhCms Dinghua Cloud CMS is a content management system based on PHP and MySQL. A security vulnerability exists in DhCms version 20170919, which originated from an arbitrary folder deletion vulnerability found via /admin.php?r=admin/AdminBackup/del...

8.1CVSS7.9AI score0.01029EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/02/11 6:15 p.m.4 views

CVE-2021-44111

A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup...

4.4CVSS5.8AI score0.00475EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/02/11 5:21 p.m.27 views

CVE-2021-44111

A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup...

5AI score0.00475EPSS
Exploits1References1
OSV
OSV
added 2019/04/25 4:29 a.m.1 views

CVE-2019-11515

core/classes/dbbackup.php in Gila CMS 1.10.1 allows admin/dbbackup?download= absolute path traversal to read arbitrary files...

4.9CVSS5.9AI score0.02059EPSS
Exploits1References1
NVD
NVD
added 2019/01/23 9:29 a.m.21 views

CVE-2019-6691

phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb parameter, related to the "--backup database" option...

7.2CVSS7.5AI score0.01059EPSS
Exploits1References1
Rows per page
Query Builder