19 matches found

Vulnrichment
added 2026/02/03 10:1 p.m. · 3 views

CVE-2020-37082 webERP 4.15.1 - Unauthenticated Backup File Access

webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...

9.8 CVSS · 5.5 AI score · 0.00541 EPSS
Exploits 1 · References 4
RedhatCVE
added 2026/01/07 9:31 a.m. · 9 views

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

7.1 CVSS · 7.3 AI score · 0.00443 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 12:19 a.m. · 13 views

CVE-2022-47732

In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create backup file and download it, revealing admin hash, allowing, once cracked, to login inside the Configuration Panel, otherwise, replacing the hash in the archive and restoring it on the device which...

7.5 CVSS · 7.2 AI score · 0.00544 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/22 4:34 a.m. · 9 views

CVE-2017-18391

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval SEC-323...

2.5 CVSS · 6.8 AI score · 0.00294 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/11/07 12:0 a.m. · 8 views

PT-2024-10772 · Epson +1 · Epson Products +1

Name of the Vulnerable Software and Affected Versions: Siime Eye version 14.1.00000001.3.330.0.0.3.14 Description: An issue was discovered in Siime Eye where information on all users, including passwords, can be found in cleartext in a backup file created through the web interface. An attacker...

5.4 CVSS · 6.2 AI score · 0.0028 EPSS
Exploits 1 · References 15
OSV
added 2024/10/16 5:15 p.m. · 4 views

CVE-2024-20280

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information that is stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method that is used fo...

6.3 CVSS · 5.8 AI score · 0.00112 EPSS
Exploits 0 · References 1
OSV
added 2024/02/23 11:15 p.m. · 4 views

CVE-2024-22988

ZKteco ZKBio WDMS before 9.0.2 Build 20250526 allows an attacker to download a database backup via the /files/backup/ component because the filename is based on a predictable timestamp...

9.8 CVSS · 5.8 AI score · 0.00815 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/06/30 12:0 a.m. · 6 views

PT-2023-25454 · Intelbras · Intelbras Switch Sg 2404 Mr

Name of the Vulnerable Software and Affected Versions: Intelbras Switch SG 2404 MR version 1.00.54 Description: The issue is related to an authentication bypass that allows an unauthenticated attacker to download the device's backup file, exposing critical configuration information...

7.5 CVSS · 7.7 AI score · 0.39723 EPSS
Exploits 2 · References 3
Positive Technologies
added 2022/09/28 12:0 a.m. · 5 views

PT-2022-25402 · Tp Link · Tp Link Archer Ax10

Name of the Vulnerable Software and Affected Versions: TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 574505553 Description: The issue allows authenticated attackers to execute arbitrary code via a crafted backup file. Recommendations: For TP Link Archer AX10 V1 Firmware Versio...

8.8 CVSS · 8.8 AI score · 0.01493 EPSS
Exploits 1 · References 5
CNVD
added 2020/05/28 12:0 a.m. · 2 views

Backup File Download Vulnerability in Yunyou CMS

CloudYou CMS is a free + open source urban substation content management system based on TP5.0 framework as the core development. CloudYou CMS has a backup file download vulnerability that can be exploited by attackers to download backup files and obtain sensitive information...

6.8 AI score
Exploits 0
Packet Storm
added 2020/05/05 12:0 a.m. · 99 views

webERP 4.15.1 Backup Disclosure

Exploit Title: webERP 4.15.1 - Unauthenticated Backup File Access Date: 2020-05-01 Author: Besim ALTINOK Vendor Homepage: http://www.weberp.org Software Link: https://sourceforge.net/projects/web-erp/ Version: v4.15.1 Tested on: Xampp Credit: İsmail BOZKURT...

7.4 AI score
Exploits 0
0day.today
added 2020/05/05 12:0 a.m. · 90 views

webERP 4.15.1 - Unauthenticated Backup File Access Vulnerability

Exploit for php platform in category web applications Exploit Title: webERP 4.15.1 - Unauthenticated Backup File Access Author: Besim ALTINOK Vendor Homepage: http://www.weberp.org Software Link: https://sourceforge.net/projects/web-erp/ Version: v4.15.1 Tested on: Xampp Credit: İsmail BOZKURT...

0.2 AI score
Exploits 0
Exploit DB
added 2020/05/05 12:0 a.m. · 207 views

webERP 4.15.1 - Unauthenticated Backup File Access

Exploit Title: webERP 4.15.1 - Unauthenticated Backup File Access Date: 2020-05-01 Author: Besim ALTINOK Vendor Homepage: http://www.weberp.org Software Link: https://sourceforge.net/projects/web-erp/ Version: v4.15.1 Tested on: Xampp Credit: İsmail BOZKURT...

7 AI score
Exploits 0
0day.today
added 2016/07/25 12:0 a.m. · 88 views

Technicolor TC7200 Modem / Router STD6.02.11 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications ''' Technicolor TC7200 modem/router multiple vulnerabilities -------------------------------------------------------- Platforms / Firmware confirmed affected: - Technicolor TC7200, STD6.02.11 - Product page:...

7.1 AI score · 0.18171 EPSS
Exploits 11
seebug.org
added 2014/07/01 12:0 a.m. · 38 views

Thomson Wireless VoIP Cable Modem Auth Bypass

No description provided by source. Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated...

7.1 AI score
Exploits 0
Packet Storm
added 2012/09/20 12:0 a.m. · 44 views

Thomson Wireless VoIP Cable Modem Authentication Bypass

Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated Backup File Access, Plaintext Protocol...

0.5 AI score
Exploits 0
Packet Storm
added 2005/06/21 12:0 a.m. · 23 views

pafaq.pl.txt

!/usr/bin/perl -w paFaq 1.0 Add Administrator PoC // By James // http://www.gulftech.org use LWP::UserAgent; Set up the LWP User Agent $ua = new LWP::UserAgent; $ua-agent"paFaq Hash Grabber v1.0"; if !$ARGV0 print "Usage : pafaq.pl http://path/to/pafaq"; exit; my $keytime = time; my $dbmpath =...

7.4 AI score
Exploits 0
Tenable Nessus
added 2004/09/29 12:0 a.m. · 26 views

Debian DSA-230-1 : bugzilla - insecure permissions, spurious backup files

Two vulnerabilities have been discovered in Bugzilla, a web-based bug tracking system, by its authors. The Common Vulnerabilities and Exposures Project identifies the following vulnerabilities : CAN-2003-0012 BugTraq ID 6502 The provided data collection script intended to be run as a nightly cron...

7.5 CVSS · 5.5 AI score · 0.02083 EPSS
Exploits 0 · References 3
Debian
added 2003/01/16 3:51 p.m. · 23 views

[SECURITY] [DSA 230-1] New bugzilla packages fix unauthorized data modification

Debian Security Advisory DSA 230-1 [email protected] http://www.debian.org/security/ Martin Schulze January 16th, 2003 http://www.debian.org/security/faq -...

6.6 AI score
Exploits 0