Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 11:25 p.m.6 views

CVE-2026-3339

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

2.7CVSS5.9AI score0.00375EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.10 views

CVE-2019-16064

NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory...

9.6CVSS6.6AI score0.01306EPSS
Exploits1References1
CVE
CVE
added 2025/12/19 5:11 p.m.17 views

CVE-2025-68430

CVE-2025-68430 affects CVAT, an open source video/image annotation tool. Versions 2.8.1 through 2.52.0 permit an account-bearing attacker on a CVAT instance to retrieve the names of files and subdirectories in any file system directory accessible to the CVAT server; contents of files are not expo...

5.3CVSS6.2AI score0.0024EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-6926

Malware in sbrugna...

9.6CVSS9.2AI score0.01306EPSS
Exploits1References2
wpexploit
wpexploit
added 2023/12/04 12:0 a.m.310 views

Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure

Description The plugin does not disallow listing the backups-dup-lite/tmp directory or the backups-dup-pro/tmp directory in the Pro version, which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to...

7.5CVSS8.8AI score0.30894EPSS
Exploits5References1
Rows per page
Query Builder