Search the Community

Backup, rescue, and restore files with ease! Ashampoo Backup Pro 17 takes the fear out of viruses, ransomware and hardware errors! Experience an easy to use well-designed but powerful backup solution. The new Ashampoo Backup Pro 17 offers you all possible storage options: Back up single files to entire partitions to local drives or online storage providers. In addition, the program is light on resources, gets out of your way and does all the heavy lifting in the background. Restoring your backups is super easy! Ashampoo Backup Pro 17 even comes with a bootable rescue system to restore your system in the event of major system failure! Helps with: Malware infections Hard disk failure Accidentally deleted files Operating system issues Troublesome updates Device theft [Hidden Content] [hide][Hidden Content]]

The ultimate fix for malware infections, hard disk defects and Windows crashes. Ashampoo Backup Pro 17 takes the fear out of viruses, ransomware and hardware errors! Experience an easy to use well-designed but powerful backup solution. The new Ashampoo Backup Pro 17 offers you all possible storage options: Back up single files to entire partitions to local drives or online storage providers. In addition, the program is light on resources, gets out of your way and does all the heavy lifting in the background. Restoring your backups is super easy! Ashampoo Backup Pro 17 even comes with a bootable rescue system to restore your system in the event of major system failure! Helps with: Malware infections Hard disk failure Accidentally deleted files Operating system issues Troublesome updates Device theft [Hidden Content] [hide][Hidden Content]]

Coolmuster iPhone Backup Extractor Data loss will never be a real headache, as long as you own the professional yet easy-to-use Coolmuster iPhone Backup Extractor software. With it, you can extract iPhone data from iTunes backup files on Windows without connecting iPhone to PC. * Extract data from iTunes backup files without connecting iPhone to PC. * Recover both deleted and existing data from iTunes backup. * Support to recover photos, contacts, calendars, SMS, reminders, call history, etc. * Thumbnails and lists preview modes available to preview your files in detail. * 100% read-only, and easy to use with a user-friendly interface. [Hidden Content] [hide][Hidden Content]]

The solution to all data protection needs. File and folder, Drive Image, Virtual Machine and Cloud storage backups at an unbeatable price [Hidden Content] [hide][Hidden Content]]

Bulletproof YouTube Videos is a breaking edge YouTube video backup plugin that is ideal for saving your (or other) YouTube videos to a cloud storage. It uses the YouTube native API to turn your website into a video backup machine! [Hidden Content] [hide][Hidden Content]]

ohmybackup Scans backup folders on target sites. Searches archived files in the folders it finds. With the 2-file scanning system, it adds extensions and filenames in different ways, making it more likely to be found. 1 - files/extensions.txt - This adds new extensions to the file, for example: by adding in the form of .example allows you to retry all the possibilities tried in the new extensions. 2 - files/files.txt - It can scan these folders according to the extensions you added, by giving them new file names. 3 - files/folders.txt - Recursively scans the specified folders. You can add to this list yourself. [hide][Hidden Content]]

[Hidden Content]

ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability. View the full article

There exists a command injection vulnerability in the Wordpress plugin wp-database-backup for versions less than 5.2. For the backup functionality, the plugin generates a mysqldump command to execute. The user can choose specific tables to exclude from the backup by setting the wp_db_exclude_table parameter in a POST request to the wp-database-backup page. The names of the excluded tables are included in the mysqldump command unsanitized. Arbitrary commands injected through the wp_db_exclude_table parameter are executed each time the functionality for creating a new database backup are run. Authentication is required to successfully exploit this vulnerability. View the full article

Ahsay Backup versions 7.x through 8.1.1.50 suffer from an XML external entity injection vulnerability. View the full article

This Metasploit module exploits an authenticated insecure file upload and code execution flaw in Ahsay Backup versions 7.x through 8.1.1.50. To successfully execute the upload credentials are needed, default on Ahsay Backup trial accounts are enabled so an account can be created. It can be exploited in Windows and Linux environments to get remote code execution (usually as SYSTEM). This module has been tested successfully on Ahsay Backup v8.1.1.50 with Windows 2003 SP2 Server. Because of this flaw all connected clients can be configured to execute a command before the backup starts. Allowing an attacker to takeover even more systems and make it rain shells! View the full article

This Metasploit module exploits an authenticated insecure file upload and code execution flaw in Ahsay Backup versions 7.x through 8.1.1.50. To successfully execute the upload credentials are needed, default on Ahsay Backup trial accounts are enabled so an account can be created. It can be exploited in Windows and Linux environments to get remote code execution (usually as SYSTEM). This module has been tested successfully on Ahsay Backup v8.1.1.50 with Windows 2003 SP2 Server. Because of this flaw all connected clients can be configured to execute a command before the backup starts. Allowing an attacker to takeover even more systems and make it rain shells! View the full article

Ahsay Backup versions 7.x through 8.1.1.50 suffer from authenticated arbitrary file upload and remote code execution vulnerabilities. View the full article

Backup Key Recovery version 2.2.4 denial of service proof of concept exploit. View the full article

Quest NetVault Backup Server versions prior to 11.4.5 suffer from process manager service SQL injection and remote code execution vulnerabilities. View the full article

Joomla Akeeba Backup component version 6.3.3 suffers from a database disclosure vulnerability. View the full article

Across DR-810 ROM-0 suffers from a backup file disclosure vulnerability. View the full article

Iperius Backup version 5.8.1 suffers from a buffer overflow vulnerability. View the full article

WordPress Hot Backup Manager plugin version 1.0 suffers from a database disclosure vulnerability. View the full article

Joomla JCE component versions 2.5.24 through 2.6.33 suffer from a database backup disclosure vulnerability. View the full article

WordPress WP Complete Backup plugin version 3.0.5 suffers from a database backup disclosure vulnerability. View the full article

WordPress pm_market plugin version 1.0 suffers from a database backup disclosure vulnerability. View the full article

WordPress wawp_framework plugin version 1.0 suffers from a database backup disclosure vulnerability. View the full article

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to exploits/linux/misc/ueb9_bpserverd however it runs against the localhost by dropping a python script on the local file system. Unitrends stopped bpserverd from listening remotely on version 10. View the full article