GHSA-9CG9-4H4F-J6FG phpMyFAQ has unauthenticated config backup download via /api/setup/backup

Summary An unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive configuration files e.g., database.php with database credentials, leading to...

CVE-2025-69200

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...

CVE-2025-69200 phpMyFAQ has unauthenticated config backup download via /api/setup/backup

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...

CVE-2025-69200 phpMyFAQ has unauthenticated config backup download via /api/setup/backup

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...

CVE-2025-69200 phpMyFAQ has unauthenticated config backup download via /api/setup/backup

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...

PT-2025-53730

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.0.16 Description An unauthenticated remote attacker can trigger the generation of a configuration backup ZIP file via the /api/setup/backup API endpoint. The generated ZIP file, accessible via the web, contains...

CVE-2019-25253

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

CVE-2025-68110

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes the issue...

CVE-2025-68110

ChurchCRM has an information-disclosure vulnerability: versions prior to 6.5.3 may reveal database credentials (host, IP, username, password) in an error message. The issue is fixed in version 6.5.3. No exploit details are provided in the connected documents; impact is information disclosure. Aff...

CVE-2025-68110 ChurchCRM discloses database information on error message

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes the issue...

PT-2025-51928

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message, including the host, IP address, username, and password...

EUVD-2024-55346

xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries by injecting malicious SQL code through the msgid parameter. Attackers can send crafted requests to /shoutedit.php with EXTRACTVALUE functions to extract database...

CVE-2025-13677

The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.2.2. This is due to insufficient path validation in the simpledownloadcounterparsepath function. This makes it possible for authenticated attackers, with Administrator-level...

xbtitFM SQL注入漏洞

xbtitFM is a BitTorrent tracker software by the individual developer of xbtitFM. An SQL injection vulnerability exists in xbtitFM version 4.1.18, which stems from an SQL injection in the msgid parameter that could lead to the extraction of database credentials...

PT-2025-50761

Name of the Vulnerable Software and Affected Versions xbtitFM version 4.1.18 Description The software contains an unauthenticated SQL injection issue. Remote attackers can manipulate database queries by injecting malicious SQL code through the msgid parameter. Crafted requests sent to the...

EUVD-2021-34727

OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...

CVE-2021-47718

OpenBMCS 2.4 is affected by an information disclosure vulnerability manifested through directory listing. The root cause is an enabled directory listing feature that allows unauthenticated attackers to browse sensitive paths such as /debug/ and /php/ to discover configuration files, database cred...

CVE-2021-47718 OpenBMCS Directory Listing Information Disclosure

OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...

CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...