8 matches found
EUVD-2020-23533
Malware in sbrugna...
CVE-2020-35948
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xclonerrestore.php writefileaction could...
CVE-2020-35950
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. It allows CSRF via almost any endpoint...
WordPress XCloner Backup, Restore and Migrate Plugin <= 4.7.3 is vulnerable to Sensitive Data Exposure
Software XCloner Backup, Restore and Migrate Type Plugin Vulnerable versions = 4.7.3 Fixed in 4.7.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6559 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 382b1355c9ee Credits...
Remote code execution
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xclonerrestore.php writefileaction could...
XCloner Backup and Restore < 4.2.153 - Cross-Site Request Forgery
Almost all of the endpoints in the plugin were vulnerable to cross-site request forgery due to a failure to implement nonces and corresponding checks. An attacker could use a CSRF attack to trigger a backup or update plugin options, along with all of the malicious activity outlined in the referen...
Joomla XCloner Backup 3.5.3 - Local File Disclosure
Joomla XCloner Backup version 3.5.3 suffers from a local file disclosure vulnerability. Exploit Title: Joomla XCloner Backup - Authenticated Local File Disclosure Date: 10.05.2020 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Exploit-Db Author ID: 8763 Reference:...
Joomla XCloner Backup 3.5.3 Plugin - Local File Inclusion (Authenticated) Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion Authenticated Exploit Author: Mehmet Kelepçe / Gais Cyber Security Exploit-Db Author ID: 8763 Reference:...