Vulnerabilities > Urbackup

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-07	CVE-2023-47102	Information Exposure Through Discrepancy vulnerability in Urbackup Server 2.5.31 UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid. network low complexity urbackup CWE-203	5.3
2019-06-18	CVE-2018-20013	Improper Input Validation vulnerability in Urbackup 2.2.6 In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_id!=0 assertion, leading to shutting down the client application. network low complexity urbackup CWE-20	5.0
2019-06-07	CVE-2018-20014	NULL Pointer Dereference vulnerability in Urbackup 2.2.6 In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application. network low complexity urbackup CWE-476	5.0
2017-12-17	CVE-2017-16950	Cross-site Scripting vulnerability in Urbackup Server Cross - site scripting (XSS) vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter. network urbackup CWE-79	4.3

Vulnerabilities > Urbackup {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Urbackup"}]}