Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure

Exploit Title: Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure Date 04.10.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://forum.ait-pro.com/read-me-first/ Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.1.zip Version: =...

CVE-2019-7667

Prima Systems FlexAir, Versions 2.3.38 and prior. The application generates database backup files with a predictable name, and an attacker can use brute force to identify the database backup file name. A malicious actor can exploit this issue to download the database file and disclose login...

UKCMS has an information leakage vulnerability

UKcms is a web content management system based on PHP7 and mysql technology. UKCMS is vulnerable to information leakage. An attacker can obtain information about database backup files through constructed links...

CVE-2014-8605

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to a backup file in administrators/backups/...

CVE-2011-1665

PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames in cache/backup/...

Secunia Research: Quicksilver Forums Backup Information Disclosure

====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Backup Information Disclosure - ====================================================================== Table of Contents Affected...