3 matches found
CVE-2023-54346 WordPress Plugin Backup Migration 1.2.8 Unauthenticated Database Backup Download
WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and complete logs, then...
I, Librarian 4.6/4.7 - Command Injection / Server Side Request Forgery / Directory Enumeration / Cross-Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager vulnerable version: =4.6 & 4.7 fixed version: 4.8 CVE number: - impact: Critical homepage:...
CVE-2013-3398
The web framework in Cisco Prime Central for Hosted Collaboration Solution HCS Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, ak...