2 matches found
CVE-2020-23061
The CVE concerns Dropouts Technologies LLP Super Backup v2.0.5, where an improper validation of the path parameter in the list and download modules enables directory traversal by modifying the path to request a local list command. The issue is triggered by a path variable that can be navigated to...
CVE-2020-23042
CVE-2020-23042 affects Dropouts Technologies LLP Super Backup v2.0.5. The vulnerability is a cross-site scripting (XSS) flaw in the path parameter of the list and download modules, enabling attackers to execute arbitrary web scripts or HTML via a crafted GET request. The issue is due to unsafely ...