CVE-2018-25437

WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...

CVE-2018-25437 WordPress CherryFramework Themes 3.1.4 Backup File Download

WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...

CVE-2024-25502

Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the downloadbackup.php component...

CVE-2024-25502

Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the downloadbackup.php component...

CVE-2024-25502

Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the downloadbackup.php component...

CVE-2024-25502

CVE-2024-25502 denotes a directory traversal vulnerability in flusity CMS v2.4 , exploitable via the download_backup.php component. The Red Hat/NVD/CVE references describe an attacker achieving remote code execution and access to sensitive information, driven by a path traversal flaw. The CVSS 3....

Eskolar CMS 0.9.0.0 - Blind SQL Injection

Eskolar CMS 0.9.0.0 - Blind SQL Injection ================================================================================================== !/usr/bin/perl use IO::Socket; ==================================================================================================...