124 matches found
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Backup Solutions WP Backup Manager plugin = 1.13.1 versions...
CVE-2023-35775 WordPress WP Backup Manager Plugin <= 1.13.1 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Backup Solutions WP Backup Manager plugin = 1.13.1 versions...
CVE-2023-35775
CVE-2023-35775 affects the WordPress WP Backup Manager plugin, where an unauthenticated reflected XSS exists in versions ≤ 1.13.1. Content from multiple sources confirms the vulnerability and the product, with remediation guidance to update to version 1.13.1 or later. Some entries note unpatched ...
WordPress plugin WP Backup Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-25303 · WordPress · Backup Manager
Name of the Vulnerable Software and Affected Versions: WP Backup Manager plugin versions prior to 1.13.1 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing...
WordPress WP Backup Manager Plugin <= 1.13.1 is vulnerable to Cross Site Scripting (XSS)
Software WP Backup Manager Type Plugin Vulnerable versions = 1.13.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35775 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 619985be1143 Credits Le Ngoc Anh...
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 CVSS score: 7.5, the issue impacts ZK Framework versions...
ZK Framework AuUploader Unspecified Vulnerability
ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to...
Exploit for CVE-2022-36537
CVE-2022-36537 Summary R1Soft Server Backup Manager uses t...
Exploit for CVE-2022-36537
CVE-2022-36537 Summary R1Soft Server Backup Manager uses t...
Exploit for CVE-2022-36537
CVE-2022-36537 Summary R1Soft Server Backup Manager uses t...
CVE-2022-36537
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. Recent assessments: ccondon-r7 at March 01, 2023 6:39pm UTC reported: The core vuln here is an info leak in ZK Framework, which ...
CVE-2021-0554
In isBackupServiceActive of BackupManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-158482162...
Acer Backup Manager Module 3.0.0.99 Unquoted Service Path Vulnerability
Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Home Premium x64 Step t...
Acer Backup Manager Module 3.0.0.99 Unquoted Service Path
Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-19 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Window...
Backup Manager Module 3.0.0.99 - (IScheduleSvc.exe) Unquoted Service Path Vulnerability
Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Home Premium x64 Step t...
Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path
Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-19 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Window...
WordPress Hot Backup Manager 1.0 Database Disclosure
Exploit Title : WordPress Hot Backup Manager 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Software Created Date By Owner : 16th March 2012 Vendor Homepage : wordpress.org github.com/eugene-manuilov Software Download Lin...
The vulnerability of the vi command-line editor for system data storage, Backup Manager, allows a hacker to obtain root privileges.
The vulnerability of the vi script service for the system data storage, Backup Manager, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to obtain root privileges and compromise the integrity of the critical /etc/passwd file by executing a speci...
Replibit Backup Manager Local Elevation of Privilege Vulnerability
Replibit Backup Manager is a file backup management tool for Linux from Replibit, Inc. A local elevation of privilege vulnerability exists in versions of Replibit Backup Manager prior to 2017.08.04. An attacker can exploit this vulnerability to gain root privileges by executing a sudo command...