59 matches found
WeGIA SQL Injection Vulnerability
WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions 3.6.5 and 3.6.6 of WeGIA contain SQL injection vulnerabilities. These vulnerabilities stem from a lack of content validation during the loading of SQL files by the loadBackupDB...
EUVD-2006-6802
Malware in sbrugna...
EUVD-2025-15242
Malicious code in bioql PyPI...
EUVD-2023-23464
Malicious code in bioql PyPI...
PT-2025-39832
Name of the Vulnerable Software and Affected Versions: PublicCMS versions 5.202506.a through 5.202506.b Description: An issue exists in PublicCMS that allows attackers to execute arbitrary commands. This occurs due to an OS command injection in the backupDB.bat file when processing crafted DATABASE...
PublicCMS Security Vulnerability
PublicCMS is an open source content management system (CMS) written in the Java language by PublicCMS China. A security vulnerability exists in PublicCMS versions PublicCMS-V5.202506.a and PublicCMS-V5.202506.b, which stems from incorrect manipulation of the DATABASE, USERNAME, or PASSWORD...
CVE-2025-57516
OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables to the backupDB.bat file...
CVE-2023-1184
A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file admin/database.php of the component Backup Database Handler. The manipulation leads to unrestricted upload. The attack may be launched...
WordPress Backup Database plugin <= 4.9 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Backup Database versions <= 4.9...
CVE-2024-8702
The Backup Database WordPress plugin through 4.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-8702
The Backup Database WordPress plugin through 4.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-8702 Backup Database <= 4.9 - Admin+ Stored XSS
The Backup Database WordPress plugin through 4.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-8702 Backup Database <= 4.9 - Admin+ Stored XSS
The Backup Database WordPress plugin through 4.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
WordPress plugin Backup Database Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2025-21533 · WordPress · Database Backup
Name of the Vulnerable Software and Affected Versions: Backup Database WordPress plugin versions prior to 4.9 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly sanitised and...
Citrix Endpoint Management (aka XenMobile Server) 10.15.0 Rolling Patch 9
Package name: xms10.15.0.10915.bin For: XenMobile Server 10.15.0 Deployment type: On-premises only Replaces: xms10.15.0.10808.bin, xms10.15.0.10731.bin, xms10.15.0.10624.bin, xms10.15.0.10517.bin, xms10.15.0.10417.bin, xms10.15.0.10327.bin, xms10.15.0.10220.bin, and xms10.15.0.10125.bin Date:...
Citrix Endpoint Management (aka XenMobile Server) 10.15.0 Rolling Patch 7
Package name: xms10.15.0.10731.bin For: XenMobile Server 10.15.0 Deployment type: On-premises only Replaces: xms10.15.0.10624.bin, xms10.15.0.10517.bin, xms10.15.0.10417.bin, xms10.15.0.10327.bin, xms10.15.0.10220.bin, and xms10.15.0.10125.bin Date: June 2024 Languages supported: English US...
CVE-2023-1184
A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file admin/database.php of the component Backup Database Handler. The manipulation leads to unrestricted upload. The attack may be launched...
Out-of-bounds
A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file admin/database.php of the component Backup Database Handler. The manipulation leads to unrestricted upload. The attack may be launched...
PT-2023-16806 · Ecshop · Ecshop
Name of the Vulnerable Software and Affected Versions: ECshop versions up to 4.1.8 Description: A problematic issue has been found in the Backup Database Handler component of the file admin/database.php, leading to unrestricted upload. The attack can be launched remotely. The issue affects some...