
19 matches found

Cvelist
added 2026/02/12 2:25 p.m., 23 views

CVE-2026-1104 FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due to a missing capability check on REST API endpoints in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with...

8.8 CVSS, 0.00055 EPSS
Exploits 0, References 3

CVE
added 2026/02/12 2:25 p.m., 9 views

CVE-2026-1104

CVE-2026-1104 affects the FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress. The vulnerability is due to a missing capability check on REST API endpoints across all versions up to and including 2.7.1, enabling authenticated attackers with Contributor-level access and above t...

8.8 CVSS, 5.5 AI score, 0.00055 EPSS
Exploits 0, References 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2009-3466

Malware in sbrugna...

9.3 CVSS, 6.4 AI score, 0.07854 EPSS
Exploits 1, References 5

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-12664

Malicious code in bioql PyPI...

10 CVSS, 6.3 AI score, 0.00441 EPSS
Exploits 1, References 3

RedhatCVE
added 2025/05/22 10:32 p.m., 11 views

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5 CVSS, 6.6 AI score, 0.59708 EPSS
Exploits 5, References 1

RedhatCVE
added 2025/05/01 9:18 p.m., 14 views

CVE-2025-46348

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated...

10 CVSS, 6.5 AI score, 0.00441 EPSS
Exploits 1, References 1

NVD
added 2025/04/29 9:15 p.m., 21 views

CVE-2025-46348

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated...

10 CVSS, 0.00441 EPSS
Exploits 1, References 2

Cvelist
added 2025/04/29 8:39 p.m., 15 views

CVE-2025-46348 YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated...

10 CVSS, 0.00441 EPSS
Exploits 1, References 2

OSV
added 2025/04/29 2:41 p.m., 6 views

GHSA-WC9G-6J9W-HR95 YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download

Summary: The request to commence a site backup can be performed without authentication. Then these backups can also be downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create an archive and then download the archive without being...

10 CVSS, 6.2 AI score, 0.00441 EPSS
Exploits 1, References 4

ATTACKERKB
added 2022/08/22 3:15 p.m., 0 views

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5 CVSS, 6.8 AI score, 0.59708 EPSS
Exploits 5, References 4

NVD
added 2022/08/22 3:15 p.m., 18 views

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5 CVSS, 0.59708 EPSS
Exploits 5, References 2

OSV
added 2022/08/22 3:15 p.m., 1 view

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the URL of a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5 CVSS, 5.5 AI score, 0.59708 EPSS
Exploits 5, References 2

Positive Technologies
added 2022/08/22 12:0 a.m., 6 views

PT-2022-17339

Name of the Vulnerable Software and Affected Versions: Duplicator WordPress plugin versions prior to 1.4.7. Description: The issue allows unauthenticated visitors to access the main installer endpoint of the plugin and download the full site backup without authentication, if the installer script has...

7.5 CVSS, 7 AI score, 0.59708 EPSS
Exploits 5, References 5

Veeam
added 2020/09/08 12:0 a.m., 9 views

Veeam Support For Azure Files

This article provides information around Veeam Backup & Replication support for Microsoft Azure Files. Note that it is possible to protect Azure Files natively with Azure Files Policies in Veeam Backup for Microsoft Azure. This article specifically discusses using Veeam Backup & Replication in...

6.3 AI score
Exploits 0, Affected Software 1

The Hacker News
added 2011/07/21 10:12 p.m., 8 views

Jouve Group hacked by Inj3ct0r Team Against The Nato

Inj3ct0r hackers hacked the Jouve Group websites and uploaded their data at a Sendspace link. Message by the hackers: "For the Pride of Green Libya And Supporting the Libyan Nation Against The Nato Gangs We are against terrorism and violence in Libya! Na...

6.8 AI score
Exploits 0

NVD
added 2009/09/30 3:30 p.m., 13 views

CVE-2009-3484

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information...

9.3 CVSS, 7.9 AI score, 0.07854 EPSS
Exploits 1, References 4

Prion
added 2009/09/30 3:30 p.m., 10 views

Stack overflow

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information...

9.3 CVSS, 8.5 AI score, 0.07854 EPSS
Exploits 1, References 4, Affected Software 1

Cvelist
added 2009/09/30 3:0 p.m., 12 views

CVE-2009-3484

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information...

7.9 AI score, 0.07854 EPSS
Exploits 1, References 4

CVE
added 2009/09/30 3:0 p.m., 43 views

CVE-2009-3484

CVE-2009-3484 concerns Core FTP 2.1 build 1612, where a stack-based buffer overflow is triggered by a long hostname in an FTP server entry within a site backup file. This user‑assisted vulnerability could allow an attacker to execute arbitrary code on the affected system. The description explicit...

9.3 CVSS, 7.9 AI score, 0.07854 EPSS
Exploits 1, References 4, Affected Software 1