CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

413 matches found

Emlog 2.1.9 - SQL Injection

emlog v2.1.9 contains a SQL injection caused by unsanitized input in the data backup/restore functionality, allowing attackers to execute arbitrary SQL commands through crafted backup files. id: CVE-2023-39121 info: name: Emlog 2.1.9 - SQL Injection author: wjch611 severity: high description: |...

7.2CVSS7.4AI score0.0268EPSS

Exploits1References2

NVD•added last week•5 views

CVE-2026-44885

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target...

5.5CVSS0.00371EPSS

Exploits1References2

ATTACKERKB•added last week•3 views

CVE-2026-44885

5.9AI score0.00371EPSS

Exploits1References3Affected Software1

EUVD•added last week•5 views

EUVD-2026-33057

5.5CVSS5.9AI score0.00371EPSS

Exploits1References2

Cvelist•added last week•25 views

CVE-2026-44885 Portainer: Path traversal in backup archive extraction allows arbitrary file write

5.5CVSS0.00371EPSS

Exploits1References2

RedhatCVE•added 2026/05/20 7:57 a.m.•5 views

CVE-2026-26978

FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected...

8.6CVSS5.8AI score0.00477EPSS

Exploits0References1

NVD•added 2026/05/18 9:16 p.m.•9 views

CVE-2026-26978

8.6CVSS0.00477EPSS

Exploits0References3

ATTACKERKB•added 2026/05/18 8:49 p.m.•8 views

CVE-2026-26978

8.6CVSS5.8AI score0.00477EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/18 8:49 p.m.•12 views

CVE-2026-26978

CVE-2026-26978 affects FreePBX backups: in versions below 16.0.71 and 17.0.6, restoring a user-supplied tar archive can trigger deserialization of untrusted data via backup module, leading to Remote Code Execution as the web server user (e.g., asterisk/www-data). The issue arises when a malicious...

8.6CVSS5.8AI score0.00477EPSS

Exploits0References3

Vulnrichment•added 2026/05/18 8:49 p.m.•8 views

CVE-2026-26978 Free PBX backup: Deserialization of Untrusted Data in admin/modules/backup/Models/BackupSplFileInfo.php

8.6CVSS5.8AI score0.00477EPSS

Exploits0References3

Positive Technologies•added 2026/05/18 12:0 a.m.•8 views

PT-2026-41736

Name of the Vulnerable Software and Affected Versions FreePBX versions prior to 16.0.71 FreePBX versions prior to 17.0.6 Description The backup module fails to properly sanitize data during restore operations. When extracting files from a user-supplied tar archive, the system reads malicious file...

8.6CVSS5.9AI score0.00477EPSS

Exploits0References6

NVD•added 2026/05/16 4:16 p.m.•7 views

CVE-2021-47979

WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted filename and foldername parameters to delete...

8.8CVSS0.00055EPSS

Exploits0References4

Positive Technologies•added 2026/05/16 12:0 a.m.•8 views

PT-2026-41465

Name of the Vulnerable Software and Affected Versions Backup and Restore version 1.0.3 Description Authenticated attackers can delete arbitrary files from the WordPress installation directory. This is achieved by sending POST requests to the 'admin-ajax.php' endpoint with manipulated file name an...

8.8CVSS5.9AI score0.00055EPSS

Exploits0References6

Github Security Blog•added 2026/05/14 4:23 p.m.•4 views

Portainer has a path traversal in backup archive extraction that allows arbitrary file write

Summary Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructed output paths using filepath.Cleanfilepath.JoinoutputDirPath, header.Name. This combination does not...

5.5CVSS5.9AI score0.00371EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/05/14 12:0 a.m.•7 views

PT-2026-41145

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions prior to 2.39.0 Description The backup restore feature accepts a .tar.gz archive and extracts it to a target directory on the server. The extraction function ExtractTarGz in api/archive/targz.go constructs...

5.5CVSS5.9AI score0.00371EPSS

Exploits1References7

RedhatCVE•added 2026/05/12 7:38 p.m.•4 views

CVE-2026-40251

A flaw was found in Incus, a system container and virtual machine manager. An authenticated user with access to the storage volume feature can exploit missing validation logic in the storage volume import process or an out-of-bounds panic vulnerability in the backup restore subsystem. By submitti...

7.1CVSS5.8AI score0.00015EPSS

Exploits0References2

OSV•added 2026/05/12 6:17 p.m.•11 views

PYSEC-2026-30

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00037EPSS

Exploits1References2