31 matches found
UrBackup Buffer Overflow Vulnerability
UrBackup is an open source backup and recovery system for multiple platforms. A buffer overflow vulnerability exists in UrBackup version 2.2.6. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in...
Null pointer dereference
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application...
CVE-2018-20014
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application...
CVE-2018-20014
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application...
CVE-2018-20014
CVE-2018-20014 affects UrBackup 2.2.6. A malformed network request can trigger a NULL pointer dereference in fileservplugin/CClientThread.cpp::GetFileHashAndMetadata, causing the client application to shut down. The available documents do not provide exploit details, affected versions beyond 2.2....
UrBackup Server Cross-Site Scripting Vulnerability
UrBackup is an easy to install open source client/server backup system . A cross-site scripting vulnerability exists in UrBackup Server before 2.1.20. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the action parameter...
Cross site scripting
Cross - site scripting XSS vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter...
CVE-2017-16950
Cross - site scripting XSS vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter...
CVE-2017-16950
Cross - site scripting XSS vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter...
CVE-2017-16950
CVE-2017-16950 is an XSS in UrBackup Server prior to 2.1.20. The web UI fails to properly sanitize the action parameter, allowing a remote attacker to inject arbitrary web script or HTML via that parameter. Affected product: UrBackup Server (before 2.1.20); root cause: insufficient input sanitiza...
CVE-2017-16950
Cross - site scripting XSS vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter...