9 matches found
CVE-2022-0833
The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...
EUVD-2020-30821
Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...
CVE-2016-15056
The CVE affects Ubee EVW3226 cable modem/router firmware up to 1.0.20. A configuration backup file (Configuration_file.cfg) is stored in the web root after generation and remains accessible without authentication until the next reboot, enabling a local-network attacker to retrieve the backup arch...
DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure
Exploit Title: DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure Date: 2022-11-10 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.dlink.com Software Link: https://dlinkmea.com/index.php/product/details?det=dU1iNFc4cWRsdUpjWEpETFlSeFlZdz09 Firmware Version: ME1.00 Tested on:...
Sensitive File Disclosure (HTTP)
The script attempts to identify files containing sensitive data at the remote web server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Ubee EVW3226 ModemRouter 1.0.20 - Multiple Vulnerabilities
Ubee EVW3226 ModemRouter 1.0.20 - Multiple Vulnerabilities ''' Ubee EVW3226 modem/router multiple vulnerabilities -------------------------------------------------- Platforms / Firmware confirmed affected: - Ubee EVW3226, 1.0.20 - Product page: http://www.ubeeinteractive.com/products/cable/evw322...
WordPress Backitup Plugin <= 1.9.1 - Backup File Disclosure
This plugin is prone to a backup file disclosure vulnerability. Solution Update the plugin...
ZTE WXV10 W300 - Multiple Vulnerabilities
ZTE WXV10 W300 - Multiple Vulnerabilities Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x8664...
ZTE WXV10 W300 Disclosure / CSRF / Default
Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x8664 Exploit Author: Osanda Malith Jayathissa...