UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not...
5.3CVSS
5.3AI Score
0.0005EPSS
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_id!=0 assertion, leading to shutting down the client...
7.5CVSS
7.5AI Score
0.001EPSS
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client...
7.5CVSS
7.5AI Score
0.002EPSS
Cross - site scripting (XSS) vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action...
6.1CVSS
6AI Score
0.001EPSS