CVE-2025-15457

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

CVE-2025-15457

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

CVE-2025-15457 bg5sbk MiniCMS Trash File Restore post.php improper authentication

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

CVE-2025-15457

CVE-2025-15457 affects bg5sbk MiniCMS up to version 1.8. The vulnerability resides in the Trash File Restore Handler in the unknown function within the file "/minicms/mc-admin/post.php" and causes improper authentication. It can be exploited remotely and a public exploit exists; the vendor was co...

CVE-2025-15457 bg5sbk MiniCMS Trash File Restore post.php improper authentication

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...

MiniCMS 授权问题漏洞

MiniCMS is a mini content management system designed for personal websites by the individual developer of Dada bg5sbk. An authorization issue vulnerability exists in MiniCMS 1.8 and earlier versions, which stems from incorrect operation of the file /minicms/mc-admin/post.php of the component Tras...

EUVD-2020-19696

Malware in sbrugna...

EUVD-2019-3222

Malware in sbrugna...

EUVD-2006-1650

Malware in sbrugna...

EUVD-2016-10268

Malware in sbrugna...

CVE-2024-57394

The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities...

Guest OS File Restore Fails on Self-Referencing Junction Points

Challenge Using Guest OS File Restore to restore a folder containing a junction point that redirects back to the initial folder fails with the error: Win32 error:The name of the file cannot be resolved by the system. Code: 1921 For example, attempting to restore a user's AppData folder the restor...

CVE-2024-22514

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file...

UBUNTU-CVE-2022-40314

A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified...

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

Privilege escalation

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

IBM Spectrum Protect Plus Insecure File Permissions Vulnerability

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A security vulnerability exists in IBM...

Cross site request forgery (csrf)

In Code42 Enterprise and Crashplan for Small Business through Client version 6.9.1, an attacker can craft a restore request to restore a file through the Code42 app to a location they do not have privileges to write...

CVE-2019-11551

CVE-2019-11551 — Code42 Enterprise / CrashPlan for Small Business (Client ≤ 6.9.1) : An attacker with local access can craft a restore request via the Code42 app to write a file to a location they should not be able to write. Root cause: insufficient validation of the restore target path in the c...

CVE-2019-11551

In Code42 Enterprise and Crashplan for Small Business through Client version 6.9.1, an attacker can craft a restore request to restore a file through the Code42 app to a location they do not have privileges to write...