7 matches found
CVE-2014-2996
XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...
Code injection
XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...
CVE-2014-2579
CVE-2014-2579 describes CSRF vulnerabilities in XCloner Standalone ≤3.5 that allow remote attackers to hijack administrator authentication to perform actions such as changing the admin password via the config task to index2.php, and, when enable_db_backup and sql_mem are enabled, accessing databa...
XCloner Standalone 3.5 - Cross-Site Request Forgery
XCloner Standalone 3.5 - Cross-Site Request Forgery Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosur...
XCloner Standalone 3.5 Cross Site Request Forgery Vulnerability
XCloner Standalone version 3.5 suffers from a cross site request forgery vulnerability. Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014...
XCloner Standalone 3.5 - Cross-Site Request Forgery
Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...
XCloner Standalone 3.5 Cross Site Request Forgery
Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...