21 matches found
Malicious code in test-mlw2-kilim-preed-attic-bully (npm)
The package test-mlw2-kilim-preed-attic-bully was found to contain malicious code...
MAL-2025-35619 Malicious code in test-mlw2-kilim-preed-attic-bully (npm)
The package test-mlw2-kilim-preed-attic-bully was found to contain malicious code...
MAL-2025-34904 Malicious code in test-mlw2-attic-frist-mashy-vireo (npm)
The package test-mlw2-attic-frist-mashy-vireo was found to contain malicious code...
atticrecruitment.co.uk Cross Site Scripting vulnerability OBB-3726039
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
atticstorage.co.uk Cross Site Scripting vulnerability OBB-3299982
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
attic has improper verification of unencrypted backups
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
Attic 'attic/archiver.py' security bypass vulnerability
Attic is a Python based data backup program that uses deduplication technology. A security bypass vulnerability exists in Attic. An attacker could use this vulnerability to bypass security restrictions and perform unauthorized operations...
PYSEC-2017-6
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
CVE-2015-4082
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
Design/Logic Flaw
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
CVE-2015-4082
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
UBUNTU-CVE-2015-4082
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
PYSEC-2017-6
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
CVE-2015-4082
CVE-2015-4082 (Attic) affects the Attic backup tool prior to 0.15. The issue is that backups may be unencrypted without user confirmation, allowing a user with read/write privileges on the encrypted repository to alter the manifest type byte to unencrypted, potentially exposing sensitive informat...
CVE-2015-4082
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
Attic 'attic/archiver.py' security bypass vulnerability
Attic is a Python based data backup program that uses deduplication technology. A security bypass vulnerability exists in Attic. An attacker could use this vulnerability to bypass security restrictions and perform unauthorized operations...
Digital Attic SQL Injection
Title : Digital Attic SQL Injection Vulnerability Vendor Link: : http://www.digitalattic.com/ Author : tempemendoan Contact : anu :D Google Dork : inurl:"gorengan tempe" intext:"CMS by Digital Attic" === POC === ? http://website/index.php?id=SQL Note : SQL Versi =4.1 Login : http://website/cp/...
Digital Attic Foundation CMS - id SQL Injection
Digital Attic Foundation CMS - id SQL Injection source: https://www.securityfocus.com/bid/50735/info Digital Attic Foundation CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
Digital Attic Foundation CMS - 'id' SQL Injection
source: https://www.securityfocus.com/bid/50735/info Digital Attic Foundation CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the...
Digital Attic SQL Injection Vulnerability
Exploit for php platform in category web applications Title : Digital Attic SQL Injection Vulnerability Vendor Link: : http://www.digitalattic.com/ Author : tempemendoan Contact : anu :D Google Dork : inurl:"gorengan tempe" intext:"CMS by Digital Attic" === POC === ? http://website/index.php?id=S...