13 matches found
EUVD-2021-11971
Malware in sbrugna...
CVE-2023-36339
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...
CVE-2023-36339
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...
Cross site request forgery (csrf)
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...
CVE-2023-36339
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...
CVE-2023-36339
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...
CVE-2021-25059 Download Plugin < 2.0.0 - Subscriber+ Website Download
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download a full copy of the website...
Acronis: SSRF when configuring Website Backup on Acronis Cloud
Hi, I hope everything goes well. I have found a SSRF in https://mc-beta-cloud.acronis.com/ui//backup-console/resources when configuring the backup plan for a website. Summary While I was looking at the functionality of managing backups on websites, I saw that if you specify a local IP where to ge...
The Wayback Machine and Cloudflare Want to Backstop the Web
The Internet Archive and the infrastructure company are teaming up to make sure sites never fully go down...
Joomla! XCloner Component Information Disclosure Vulnerability
Joomla! is an open source, cross-platform content management system CMS developed using PHP and MySQL. xCloner is used in one of the website backup and restore components. A security vulnerability exists in the XCloner component of Joomla! An attacker can exploit this vulnerability to obtain loca...
CVE-2014-2340
The CVE-2014-2340 vulnerability affects the XCloner WordPress plugin (pre-3.1.1). It is a Cross-Site Request Forgery (CSRF) flaw that lets an attacker hijack an administrator’s session to trigger backup creation via wp-admin/plugins.php. Root cause is insufficient verification of request origin c...
Casa Presidencial website defaced by Latinhack
Casa Presidencial website defaced by Latinhack The Casa Presidencial website was in temporary control of hackers on Sunday. The minister explained that the hack was noticed while doing a backup of the site. The cyber-attack was attributed to a group called Latinhack, whose members have perpetrate...
Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability
Exploit for unknown platform in category web applications =================================================================== Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability =================================================================== Name : Hot or Not Clone by...