CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup)

The nsbackup extension through 13.0.2 for TYPO3 allows command injection...

CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup)

The nsbackup extension through 13.0.2 for TYPO3 allows command injection...

The vulnerability of the Backup Plus (ns_backup) extension of the TYPO3 content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Backup Plus nsbackup extension of the TYPO3 content management system is related to errors in the access control for saved backup files and configurations. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Backup Plus (ns_backup) extension of the TYPO3 content management system allows a hacker to execute arbitrary commands.

The vulnerability of the Backup Plus nsbackup extension of the TYPO3 content management system exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command line. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVE-2018-19456

The WP Backup+ aka WPbackupplus plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql...

GHSA-HQ4F-5QJV-FWRG The Backup Plus extension for TYPO3 (ns_backup) has a Predictable Resource Location

The nsbackup extension through 13.0.0 for TYPO3 has a Predictable Resource Location. This allows an unauthenticated remote user to download created backups and configuration files...

The Backup Plus extension for TYPO3 (ns_backup) has a Predictable Resource Location

The nsbackup extension through 13.0.0 for TYPO3 has a Predictable Resource Location. This allows an unauthenticated remote user to download created backups and configuration files...

GHSA-463C-JHP2-4MM7 The Backup Plus extension for TYPO3 (ns_backup) allows command injections

The nsbackup extension through 13.0.0 for TYPO3 allows command injection when creating a backup. An authenticated backend user with access to the extensions backend module is required to exploit the vulnerability...

The Backup Plus extension for TYPO3 (ns_backup) allows XSS

The nsbackup extension through 13.0.0 for TYPO3 allows XSS...

CVE-2018-19456

The WP Backup+ aka WPbackupplus plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql...

WordPress WP Backup Plus + 1.0 Database Disclosure

Exploit Title : WordPress WP Backup Plus + 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wpbackupplus.com wplaunchpad.io wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category...

WordPress Backup Plus Backup Disclosure

WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized Control CWE: CWE-530 Risk: High Author: Hugo Santiago dos Santos Contact: [email protected] Date: 15/05/2015 Vendor Homepage: http://wpbackupplus.com/ Google Dork: inurl:/wp-content/uploads/wp-backup-plus/ PoC :...

WordPress Backup Plus Plugin - Backup Disclosure

This plugin is prone to exposure backup file to unauthorized control vulnerability. Solution Update the plugin...