EUVD-2014-1142

Malware in sbrugna...

WordPress DB Backup <= 6.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin DB Backup versions = 6.0...

CVE-2014-10076

The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack...

CVE-2025-2319

CVE-2025-2319 concerns the EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress. According to the CVE entry, versions 4.11.13 through 5.25.08 are vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in the ELISQLREPORTS_menu function, which could all...

CVE-2025-26887 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...

CVE-2014-9119

Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

Directory traversal

Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CVE-2014-9119

CVE-2014-9119 affects WordPress DB Backup Plugin (version 4.5 and earlier). A local file inclusion / directory traversal flaw exists in download.php, permitting an attacker to read arbitrary server files by manipulating the file parameter (e.g., via path traversal). The NUCLEI template and relate...

DEBIAN-CVE-2006-5705

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the 1 backup and 2 fragment parameters in a GET request...

CVE-2006-4208

Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...

CVE-2006-4208

CVE-2006-4208 describes a directory traversal in the Skippy WP-DB-Backup WordPress plugin (versions 1.7 and earlier). The flaw exists in wp-db-backup.php where an authenticated user with administrative privileges can read arbitrary files by supplying a ".." in the backup parameter to edit.php. Th...