11 matches found
WordPress Backup Guard Authenticated Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension which should be of SGBP...
Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution (Authenticated)
Exploit Title: Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution Authenticated Date 02.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://backup-guard.com/products/backup-wordpress Software Link: https://downloads.wordpress.org/plugin/backup.1.5.8.zip Version: Before...
Format string
The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users admin+ to upload arbitrary files, including PHP ones, leading to RCE...
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
The plugin did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users admin+ to upload arbitrary files, including PHP ones, leading to RCE. Additional Info, and Bypass of .htaccess protection found by WPScanTeam, while confirming the issue: There is...
IOS Stack Group Bidding Protocol Crafted Packet DoS - Cisco Systems
The Cisco IOS Stack Group Bidding Protocol SGBP feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability. Cisco has made free...
Cisco IOS第二层隧道协议远程拒绝服务漏洞
BUGTRAQ ID: 31358 CVE ID: CVE-2008-3813 CNCVE ID:CNCVE-20083813 Cisco IOS是一款流行的网络操作系统。 Cisco IOS第二层隧道协议实现存在一个漏洞,远程攻击者可以利用漏洞对设备进行拒绝服务攻击,导致设备重载。 Cisco IOS软件中的L2TP mgmt守护进程启用多个功能,包括Layer 2 virtual private networks L2VPN, Layer 2 Tunnel Protocol Version 3 L2TPv3, Stack Group Bidding Protocol SGBP和Cis...
Sql injection
Unspecified vulnerability in Stack Group Bidding Protocol SGBP support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service device hang and network traffic loss via a crafted UDP packet to...
CVE-2006-0340
Cisco IOS 12.0–12.4 stack group bidding protocol (SGBP) support is vulnerable to a remote DoS via a crafted UDP packet to port 9900 when SGBP is enabled. Affected platforms include various Cisco devices running Cisco IOS with SGBP active; exploitation leads to device hang and network traffic loss...
CVE-2006-0340
Unspecified vulnerability in Stack Group Bidding Protocol SGBP support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service device hang and network traffic loss via a crafted UDP packet to...
Cisco IOS Stack Group Bidding Protocol (SGBP) DoS
Invalid SGBP UDP/9900 packet can cause router to hang if sgbp group is defined...
IOS Stack Group Bidding Protocol Crafted Packet DoS
The Cisco IOS Stack Group Bidding Protocol SGBP feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability. Cisco has made free...