PT-2026-4551

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions 4.0.14 through 4.0.16 Description phpMyFAQ is a web-based FAQ application. A flaw in authorization logic exists in versions 4.0.14 and below, exposing the /api/setup/backup API endpoint to any authenticated user, regardless o...

CVE-2023-6271

The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups...

CVE-2021-20114

When installed following the default/recommended settings, TCExam = 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files...

CVE-2019-3765

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...