CI4MS 路径遍历漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.5.0 contained a path traversal vulnerability. This vulnerability stemmed from the fact that the Backup::restore function extracted ZIP archives uploaded by users without verifying the names of th...

CVE-2026-6227 BackWPup <= 5.6.6 - Authenticated (Administrator+) Local File Inclusion via 'block_name' Parameter

The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the blockname parameter of the /wp-json/backwpup/v1/getblock REST endpoint in all versions up to, and including, 5.6.6 due to a non-recursive strreplace sanitization of path traversal sequences. This makes it possible for...

GHSA-87J9-M7X6-HVW2 Ella Core has Privilege Escalation via Database Restore by NetworkManager role

Summary The NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. Impact A NetworkManager could replace the production database with a tampered copy to escalate to Admin, gaining access to user management...

CVE-2026-25483

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

CVE-2026-25483

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

CVE-2026-25483

Craft Commerce for Craft CMS is affected by a stored XSS in the Order Status History Message. The vulnerability arises because orderHistory.message is rendered with the |md filter, which allows raw HTML, enabling script execution that can lead to database exfiltration when a privileged user with ...

CVE-2026-25483 Craft Commerce has Stored XSS via Order Status Message with potential database exfiltration

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

CVE-2026-25483 Craft Commerce has Stored XSS via Order Status Message with potential database exfiltration

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

CVE-2026-25483 Craft Commerce has Stored XSS via Order Status Message with potential database exfiltration

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

CVE-2026-25483

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script...

GHSA-8478-RMJG-MJJ5 Craft Commerce has Stored XSS via Order Status Message with potential database exfiltration

Summary A stored XSS vulnerability exists in Craft Commerce’s Order Status History Message. The message is rendered using the |md filter, which permits raw HTML, enabling malicious script execution. If a user has database backup utility permissions which do not require an elevated session, an...

CVE-2026-21857

CVE-2026-21857 affects REDAXO prior to 5.20.2. Authenticated users with backup permissions can read arbitrary files in the webroot via path traversal in the Backup addon’s file export, by abusing the EXPDIR POST parameter not being validated against the UI allowlist. This leads to inclusion of se...

Freedombox 安全漏洞

Freedombox is a Debian-based freeware home server operating system. A security vulnerability exists in Freedombox versions prior to 25.17.1 that stems from improperly set permissions on the backup data directory, which could result in database dump files being read...

EUVD-2017-9513

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-14335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their...

CVE-2023-50386 Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected...

SUSE CVE-2005-1920

The 1 Kate and 2 Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information...

Repository Unavailable to Veeam Agent for Microsoft Windows Installed on a Veeam Backup and Replication Server

Challenge The behavior described here can be observed in the following configuration: - multiple installations of Veeam Agent for Microsoft Windows VAW are targeted at a Veeam Backup and Replication VBR repository within the same domain; - all VAW-processed computers are added to an AD computer...

DEBIAN-CVE-2006-6085

Kile before 1.9.3 does not assign a backup file the same permissions as the original file, which might allow local users to obtain sensitive information...

security flaw

The 1 Kate and 2 Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information...