Skip to main content

CWE-530

Exposure of Backup File to an Unauthorized Control Sphere

9 CVEs Avg CVSS 4.6 MITRE
0
CRITICAL
3
HIGH
2
MEDIUM
4
LOW
2
POC
0
KEV

Monthly

CVE-2024-56462 HIGH This Week

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-3773 MEDIUM This Month

A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder.

Information Disclosure System Information Reporter
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-12330 HIGH This Month

The WP Database Backup - Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-3430 LOW Monitor

A vulnerability was found in QKSMS up to 3.9.4 on Android. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.2%
CVE-2024-3128 LOW Monitor

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android.xml of the component Backup File Handler. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.3%
CVE-2024-3124 LOW Monitor

A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.3%
CVE-2024-2567 LOW Monitor

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
1.8
EPSS
0.2%
CVE-2024-2364 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Google Musicshelf
NVD GitHub VulDB
CVSS 3.1
4.6
EPSS
0.3%
CVE-2023-5297 HIGH POC This Week

A vulnerability was found in Xinhu RockOA 2.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Rockoa
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
EPSS 0% CVSS 7.2
HIGH This Week

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder.

Information Disclosure System Information Reporter
NVD
EPSS 1% CVSS 7.5
HIGH This Month

The WP Database Backup - Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure
NVD
EPSS 0% CVSS 2.4
LOW Monitor

A vulnerability was found in QKSMS up to 3.9.4 on Android. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
EPSS 0% CVSS 2.4
LOW Monitor

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android.xml of the component Backup File Handler. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
EPSS 0% CVSS 2.4
LOW Monitor

A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
EPSS 0% CVSS 1.8
LOW Monitor

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
EPSS 0% CVSS 4.6
MEDIUM POC This Month

A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Google Musicshelf
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

A vulnerability was found in Xinhu RockOA 2.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Rockoa
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy