14 matches found
CVE-2024-57273
Netgate pfSense CE prior to 2.8.0 beta release and corresponding Plus builds is vulnerable to cross-site scripting (XSS) in the Automatic Configuration Backup (ACB) service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized...
WordPress Database Backup for WordPress Plugin < 2.5.2 CSRF Vulnerability
The WordPress plugin... Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it...
Cross-site request forgery (CSRF)
The Database Backup for WordPress plugin before 2.5.2 does not have a CSRF check in place when updating the scheduled backup settings, which could allow an attacker to make a logged-in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails t...
Database Backup for WordPress < 2.5.2 - Arbitrary Schedule Settings Update via CSRF
The plugin does not have a CSRF check in place when updating the scheduled backup settings, which could allow an attacker to make a logged-in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. O...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.6 (tripleo-ansible) security update
An update for tripleo-ansible is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Ransomware attacks on Hospitals put Patients at Risk
Just last week, the Federal Bureau of Investigation (FBI) issued an urgent "Flash" message to businesses and organisations about the threat of Samsam Ransomware, but the ransomware has already wreaked havoc on some critical infrastructure. MedStar, a non-profit group that runs 10 hospitals in t...
emlog automatic backup plug-in leaks the entire site database backup - vulnerability warning - the black bar safety net
This is my third time in your blog to find the fatal flaw. The first is a third-party Storage, the solution is to delete. The second is "EMLOG album", which is this article:is. The third time is this time, I wrote one using the script, directly to your blog, the whole site backup file down under,...
emlog automatic backup and send-to-mailbox plugin: whole-site database backup leak vulnerability
No description provided by source...
How to Auto-BackUp Your WhatsApp Data to Google Drive with Encryption
What if your phone suddenly slips into a bathtub? Maybe you'll end up losing all your important data, more specifically, your WhatsApp photos, videos, Voice Notes and Chat Data that flows through your chats. Sounds scary, doesn't it? But now you need not worry if your phone suddenly died or broke ...
Ecava IntegraXor Project Directory Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the storing of credentials in cleartext. The issue lies in the ability to bypass file...
MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
No description provided by source.
Backup implementation
Organization Backup. I. Intro. Let's start by cramming terms and definitions. Backup (backup, b4kup or, colloquially, backup) is what we will call a process, asynchronous in relation to modification, of creating a copy of stored information (data), which allows you to restore the previous state of the dat...
Ubuntu 4.10 / 5.04 / 5.10 : cpio vulnerability (USN-234-1)
Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e.g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could...
PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit
No description provided by source. #!/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in...