Lucene search
+L

43 matches found

attackerkb
attackerkb
added 2025/12/17 9:29 p.m.7 views

CVE-2025-68109

ChurchCRM is an open-source church management system. In versions prior to 6.5.3, the Database Restore functionality does not validate the content or file extension of uploaded files. As a result, an attacker can upload a web shell file and subsequently upload a .htaccess file to enable direct...

9.1CVSS6.4AI score0.01402EPSS
Exploits3References3Affected Software1
vulnrichment
vulnrichment
added 2025/12/17 9:29 p.m.3 views

CVE-2025-68109 ChurchCRM vulnerable to RCE with database restore functionality

ChurchCRM is an open-source church management system. In versions prior to 6.5.3, the Database Restore functionality does not validate the content or file extension of uploaded files. As a result, an attacker can upload a web shell file and subsequently upload a .htaccess file to enable direct...

9.1CVSS7.8AI score0.01402EPSS
Exploits3References1
ptsecurity
ptsecurity
added 2025/12/17 12:0 a.m.5 views

PT-2025-51927

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM is an open-source church management system. The Database Restore functionality does not validate the content or file extension of uploaded files. This allows an attacker to upload a web...

9.1CVSS7.9AI score0.01402EPSS
Exploits3References7
cnnvd
cnnvd
added 2025/12/17 12:0 a.m.5 views

ChurchCRM 安全漏洞

ChurchCRM is an open source church management system. ChurchCRM suffers from a code execution vulnerability that stems from the database restore feature not validating the content or extension of uploaded files, which can be exploited by an attacker to cause remote code execution...

9.1CVSS6.4AI score0.01402EPSS
Exploits3References2
redhatcve
redhatcve
added 2025/04/18 2:5 a.m.20 views

CVE-2024-55372

Wallos =2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious fil...

9.8CVSS7.2AI score0.00554EPSS
Exploits1References1
cvelist
cvelist
added 2025/04/16 12:0 a.m.18 views

CVE-2024-55372

Wallos =2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious fil...

0.00554EPSS
Exploits1References1
citrix
citrix
added 2024/02/20 12:0 a.m.26 views

Warning:Table chb_State.Workers object definition does not match the expected reference schema

The Site test Report shows a warning "Table chbState.Workers object definition does not match the expected reference schema" CDF traces captured from the DDC while running the Ste test show the below messages:...

7AI score
Exploits0
vulncheck_kev
vulncheck_kev
added 2023/11/18 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-38130

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e.,...

9.8CVSS7.3AI score0.53389EPSS
Exploits0References1
attackerkb
attackerkb
added 2023/07/25 8:15 p.m.8 views

CVE-2022-46902

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the...

7.5CVSS7AI score0.00532EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/07/25 12:0 a.m.5 views

PT-2023-15103 · Vocera · Vocera Voice Server +2

Name of the Vulnerable Software and Affected Versions: Vocera Report Server and Voice Server versions 5.x through 5.8 Description: An issue was discovered that allows for a Path Traversal during an Unzip operation. The Vocera Report Console contains a websocket function that allows for the...

9.8CVSS7.2AI score0.00683EPSS
Exploits0References6
cnnvd
cnnvd
added 2022/12/13 12:0 a.m.5 views

Gym Management System 跨站请求伪造漏洞

Gym Management System is a gym management system. The system is developed in C and sql server and features customer and supplier management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A security vulnerability...

4.5CVSS4.9AI score0.00316EPSS
Exploits1References2
attackerkb
attackerkb
added 2022/08/10 8:16 p.m.3 views

CVE-2022-38130

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

9.8CVSS7.3AI score0.53389EPSS
Exploits0References3
redhat
redhat
added 2019/11/25 2:20 p.m.78 views

Critical: Red Hat Security Advisory: Red Hat Ansible Tower 3.6.1-1 - EL7 Container

Red Hat Ansible Tower 3.6.1-1 - EL7 Container Ansible Tower Version 3.6.1 ----------------------------- - Fixed accidental disclosure of Red Hat username and password in /api/v2/config CVE-2019-14890 - Fixed upgrade failure with bundled installer - Fixed license check error when reinstalling over...

8.4CVSS7.3AI score0.00237EPSS
Exploits0References2
cvelist
cvelist
added 2019/07/01 3:5 p.m.22 views

CVE-2019-4357

When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667,...

8.2CVSS6.6AI score0.00458EPSS
Exploits0References3
ibm
ibm
added 2019/06/28 9:25 p.m.19 views

Security Bulletin: Password disclosure in IBM Spectrum Protect Server (CVE-2019-4140)

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Server may disclose the database restore password when using the dsmserv restore db command. This could allow another user to perform a database restore or possibly result in an old backup replacing the database. Vulnerability Detai...

7.1CVSS0.4AI score0.00309EPSS
Exploits0Affected Software2
osv
osv
added 2019/06/28 6:15 p.m.5 views

CVE-2018-14885

Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds...

9.8CVSS5.9AI score0.02224EPSS
Exploits0References2
cnvd
cnvd
added 2018/08/28 12:0 a.m.4 views

Arbitrary File Deletion Vulnerability in niubicms Database Restore Service

niubicms is by the Nanjing Niukun Network Technology Co., Ltd. independent research and development of the novel website source code, news website source code, for PHP open source system. niubicms database restore the existence of arbitrary file deletion vulnerability. Attackers can use the...

7.1AI score
Exploits0
cnvd
cnvd
added 2018/08/25 12:0 a.m.5 views

niubicmsv background database restore at the existence of arbitrary file download vulnerability

niubicms is by the Nanjing Niukun Network Technology Co., Ltd. independent research and development of the novel website source code, news website source code, for PHP open source system. niubicmsv background database restore the existence of arbitrary file download vulnerability. The vulnerabili...

7AI score
Exploits0
redhat
redhat
added 2017/10/12 7:53 a.m.4 views

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

7.5AI score
Exploits0References6
redhat
redhat
added 2017/08/01 2:18 p.m.8 views

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

6.6CVSS7.5AI score0.0264EPSS
Exploits0References6
Rows per page
Query Builder