VYPR

Super Backup

by Dropouts Technologies LLP

CVEs (2)

  • CVE-2020-23061HigOct 22, 2021
    risk 0.49cvss 7.5epss 0.02

    Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via a change to the path variable to request the local list command.

  • CVE-2020-23042MedOct 22, 2021
    risk 0.40cvss 6.1epss 0.01

    Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request.