Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
db backup project db backup vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9119
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and previous versions for Wordpress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Db Backup Project Db Backup
1 EDB exploit
7.5
CVSSv3
CVE-2014-10076
The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote malicious users to read backup archives via a brute-force attack.
Wp-db-backup Project Wp-db-backup 2.2.4
4.3
CVSSv3
CVE-2022-0833
The Church Admin WordPress plugin prior to 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated malicious users to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a pub...
Church Admin Project Church Admin
NA
CVE-2008-0193
Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and previous versions, and possibly 2.1.x up to and including 2.3.x, allows remote malicious users to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-a...
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 2.3
Wordpress Wordpress 2.1
Wordpress Wordpress 2.2.0
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.2 Revision5002
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 2.2
Wordpress Wordpress
1 EDB exploit
NA
CVE-2008-0194
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and previous versions allows remote malicious users to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to w...
Wordpress Wordpress
NA
CVE-2007-2821
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress prior to 2.2 allows remote malicious users to execute arbitrary SQL commands via the cookie parameter.
Wordpress Wordpress
1 EDB exploit
1 Github repository
NA
CVE-2007-3238
Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vulnerability than CVE-2007-1622. ...
Wordpress Wordpress 2.2
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started