Information Exposure

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Information Exposure via the backup process. An unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST...

Arbitrary Command Injection

Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Arbitrary Command Injection via the backup and restore processes when handling file path input with shell execution enabled. An attacker can execute arbitrary system commands by supplying specially crafted...

CVE-2024-13609

CVE-2024-13609 affects the WordPress plugin “1 Click WordPress Migration Plugin – 100% FREE for a limited time.” Vulnerability type: Sensitive Information Exposure via class-ocm-backup.php, impacting all versions up to 2.1. Attack scenario: unauthenticated attackers could extract sensitive data, ...

CVE-2024-13555 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible for...

CVE-2024-13555 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible for...

CVE-2024-56086

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in Report Templates. These are executed when the backup process is initiated, leading to Remote Code Execution...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.5.0 that originates from an authenticated user being able to inject payloads into report templates that are executed when the backup process is initiated,...

CVE-2024-10028 Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticat...

CVE-2024-6326

CVE-2024-6326 affects Rockwell Automation FactoryTalk System Service. The vulnerability arises from a lack of explicit permissions on the backup folder, allowing a local attacker who starts a backup/restore process to temporarily access sensitive data (private keys, passwords, pre‑shared keys, an...

How to back up your Windows 10/11 PC to OneDrive

They say the only backup you ever regret is the one you didnt make. Starting in Windows 10, the operating system OS now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information. First, you’ll need to sign in with your Microso...

CVE-2024-28222

In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file...

Design/Logic Flaw

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.12.3 via the multi-call backup option. This makes it possible for unauthenticated attackers to extract sensitive data from a temporary SQL file via repeated GET...

Dell NetWorker 安全漏洞

Dell NetWorker is an application from Dell USA Inc. Provides forum discussion features for Dell Inc. An information disclosure vulnerability exists in Dell NetWorker, which arises from the database storing plain text passwords in a temporary configuration file during backups, and can be exploited...

Information disclosure

The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated attackers to download said backups later...

PT-2024-14883 · WordPress · Wp Staging Pro Wordpress Backup Plugin

Name of the Vulnerable Software and Affected Versions: WP STAGING WordPress Backup Plugin versions prior to 3.1.3 WP STAGING Pro WordPress Backup Plugin versions prior to 5.1.3 Description: The issue allows unauthenticated attackers to obtain key information about ongoing backup processes, which...

Vulnerability fixed in Veritas NetBackup

Symantec has fixed a vulnerability in Veritas NetBackup. The vulnerability is located the BPCD process and allows an unauthenticated malicious person to upload and execute with permissions from the backup process. No CVE ID has been disclosed for this vulnerability yet. Symantec has released...

In search of the Triangulation: triangle_check utility

In our initial blogpost about "Operation Triangulation", we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, we...

PT-2023-21941 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 8.3.0.2 Description: An issue was discovered that allows an unprivileged user to specify a log file path when executing a NetBackup command, potentially leading to the overwrite of existing NetBackup log...

App Layering | How to take App layering Backup

...

Citrix StoreFront Web GUI Assistant

StoreFront Web GUI DevlopedDate: 09/12/2013 Modified Date: 04/16/2020 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download locatio...