Lucene search
K

50 matches found

Cvelist
Cvelist
added last week32 views

CVE-2026-42145 Coolify: File Upload Without Type or Size Validation in Database Backup Restore

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint app/Http/Controllers/UploadController.php for database backup restore uploads did not enforce file type or size validation, allowing an authenticat...

3.1CVSS0.0025EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 6:16 p.m.20 views

CVE-2026-56782

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS0.03016EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2026/06/29 5:16 p.m.6 views

CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:16 p.m.5 views

CVE-2026-56782

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/29 5:16 p.m.33 views

CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS0.03016EPSS
Exploits2References4
CVE
CVE
added 2026/06/29 5:16 p.m.25 views

CVE-2026-56782

Gorse before 0.5.10 contains an authentication bypass vulnerability affecting the /api/dump and /api/restore endpoints. When admin_api_key is empty (default configuration), unauthenticated remote attackers can access protected functionality, enabling either exfiltration of the entire database (in...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References4
F5 Networks
F5 Networks
added 2026/06/08 12:35 a.m.15 views

K000161622: NGINX UI vulnerability CVE-2026-42238

Security Advisory Description Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui exposes a backup restore endpoint POST /api/restore that is completely unauthenticated during the first 10 minutes after process startup on any fresh installation. An...

9.8CVSS5.5AI score0.00764EPSS
Exploits1
CERT
CERT
added 2026/06/02 12:0 a.m.12 views

Collibra Agent contains improper authentication and path traversal vulnerabilities

Overview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controlled files to arbitrary locations on the...

8.2CVSS6.5AI score0.00442EPSS
Exploits0
EUVD
EUVD
added 2026/05/06 5:3 p.m.28 views

EUVD-2026-27141

Nginx-UI is Vulnerable to Unauthenticated Remote Code Execution via Backup Restore...

9.8CVSS5.8AI score0.00764EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/05 12:30 p.m.41 views

CVE-2026-7833 EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...

8.6CVSS0.02336EPSS
Exploits0References4
CVE
CVE
added 2026/05/05 12:30 p.m.21 views

CVE-2026-7833

CVE-2026-7833 affects EFM ipTIME C200 firmware up to 1.092. The vulnerability lies in the function sub_408F90 of /cgi/iux_set.cgi (ApplyRestore Endpoint), where improper handling of the RestoreFile argument enables remote command injection. Impact includes high risk to confidentiality, integrity,...

8.6CVSS6.7AI score0.02336EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-37039

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub 408F90 of the file /cgi/iux set.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...

8.6CVSS6.7AI score0.02336EPSS
Exploits0References5
CVE
CVE
added 2026/05/04 8:13 p.m.60 views

CVE-2026-42238

Nginx UI (nginx-ui) prior to version 2.3.8 exposes an unauthenticated backup restore endpoint (POST /api/restore) during the first 10 minutes after startup. An unauthenticated remote attacker can upload a crafted backup archive that overwrites app.ini and the SQLite database, allowing injection o...

9.8CVSS5.9AI score0.00764EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

Nginx UI 代码注入漏洞

Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.8 had a code injection vulnerability. This vulnerability stemmed from the backup restoration endpoint POST /api/restore, which operates without authentication within the first 10 minutes after the process...

9.8CVSS6.2AI score0.00764EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/22 9:13 p.m.5 views

CVE-2026-41170 Squidex has SSRF via Backup Restore Endpoint — Admin-Controlled URL Download Allows Internal and External Requests

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the RestoreController.PostRestoreJob endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" HttpClient...

8.5CVSS5.9AI score0.00238EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/22 9:13 p.m.5 views

CVE-2026-41170

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the RestoreController.PostRestoreJob endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" HttpClient...

8.5CVSS5.9AI score0.00238EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/22 9:13 p.m.27 views

CVE-2026-41170 Squidex has SSRF via Backup Restore Endpoint — Admin-Controlled URL Download Allows Internal and External Requests

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the RestoreController.PostRestoreJob endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" HttpClient...

8.5CVSS0.00238EPSS
Exploits0References2
CVE
CVE
added 2026/04/21 5:56 p.m.26 views

CVE-2026-40608

CVE-2026-40608 affects Next AI Draw.io (a Next.js app). Before version 0.4.15, the embedded HTTP sidecar’s three POST handlers (/api/state, /api/restore, /api/history-svg) accumulate entire request bodies into a JavaScript string without size limits. Node.js buffers the full payload in the V8 hea...

6.2CVSS5.8AI score0.00146EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/04/18 12:16 a.m.5 views

CVE-2026-40484

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

9.1CVSS0.00867EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.10 views

PT-2026-28564

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description Ella Core is a 5G core designed for private networks. The NetworkManager role had backup and restore permissions. The restore endpoint accepted any valid SQLite file without content verification...

7.5CVSS5.9AI score0.60368EPSS
Exploits18References48
Rows per page
Query Builder