EUVD-2019-17250

Malware in sbrugna...

EUVD-2020-14553

Malware in sbrugna...

CVE-2012-10059

Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...

CVE-2024-12850

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the databasebackupajaxdownload function. This makes it possible for authenticated attackers, with administrator-level access...

CVE-2020-21997

Smartwares HOME easy =1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control...

CVE-2019-11200

Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. Malicious binaries can be...

1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Unauthenticated Sensitive Information Exposure via Database Backup in class-ocm-backup.php

Description The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive...

CVE-2024-12330

CVE-2024-12330 applies to WP Database Backup – Unlimited Database & Files Backup by Backup for WP (WordPress). The vulnerability enables Sensitive Information Exposure via publicly accessible backup files in all versions up to 7.3, allowing unauthenticated attackers to extract database data. Root...

CVE-2024-12850 Database Backup and check Tables Automated With Scheduler 2024 <= 2.32 - Authenticated (Admin+) Arbitrary File Read

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the databasebackupajaxdownload function. This makes it possible for authenticated attackers, with administrator-level access...

CVE-2024-12482 cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The...

Net Titanium Technology idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in Net Titanium Technology idcCMS v1.35, which was discovered to contain a Cross Site...

WordPress wpmu-dev-post-votes plugin database backup arbitrary file download vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An arbitrary file download vulnerability exists in the WordPress wpmu-dev-post-votes plugin database backup. An attacker can...

Newsletter Tailor Database Backup Dump Vulnerability

Exploit for unknown platform in category web applications ==================================================== Newsletter Tailor Database Backup Dump Vulnerability ==================================================== ============================================================================== Â...

TorrentTrader Classic 1.09 SQL Injection

waraxe-2009-SA074 - Multiple Vulnerabilities in TorrentTrader Classic 1.09 =============================================================================== Author: Janek Vind "waraxe" Date: 15. June 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-74.html Description of vulnerable...

GR Note 0.94 beta (Auth Bypass) Remote Database Backup Vulnerability

Exploit for unknown platform in category web applications ==================================================================== GR Note 0.94 beta Auth Bypass Remote Database Backup Vulnerability ==================================================================== GR Note v0.94 beta Remote Database...

Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability

Exploit for unknown platform in category web applications ================================================================== Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability ================================================================== + Free PHP VX Guestbook 1.06 Arbitrary...

blogpixel-backup.txt

------------------------------------------------------------------------- -- JIKI Team JIKO + KIl1er --- ------------------------------------------------------------------------- Author : jiko jiki team email : [email protected] Home : www.no-back.org Script : Blog PixelMotion Bug : Database...

fusionDB.pl.txt

!/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in v6.00.105 and below Description: When a ...

PHP-Fusion 6.00.105 - Accessible Database Backups Download

!/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in v6.00.105 and below Description: When a ...

PHP-Fusion Database Backup - Information Disclosure

source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required. A...