5 matches found
CVE-2026-42951
CVE-2026-42951 concerns the Danelec MacGregor Voyage Data Recorder (VDR) device. The description across sources states an authenticated user can download a backup of the VDR that includes account data and password hashes. The connected records corroborate credentials exposure as the primary issue...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization through the archives API endpoint. Site backups can be initiated and subsequently downloaded without any authentication. Since these archives are generated with easily guessable filenames, an unauthenticated attack...
PT-2024-39221 · WordPress · File Manager Pro
Name of the Vulnerable Software and Affected Versions: File Manager Pro plugin for WordPress versions up to, and including, 8.3.9 Description: The issue allows unauthenticated attackers, if granted access to the File Manager by an administrator, to download and upload arbitrary backup files on th...
CVE-2023-36144
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration...
WordPress plugin UpdraftPlus 安全漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the WordPress plugin...