All 6 CVE vulnerabilities found in BackupBliss – Backup & Migration with Free Cloud Storage, with AI-generated Chinese analysis, references, and POCs.
Vendor: inisev
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14944 | Backup Migration <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage CWE-862 | 5.3 | Medium | 2026-04-07 |
| CVE-2024-10932 | Backup Migration <= 1.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialize_replace' CWE-502 | 8.8 | High | 2025-01-04 |
| CVE-2023-6266 | Backup Migration <= 1.3.6 - Unauthenticated Arbitrary Backup Download to Sensitive Information Exposure CWE-200 | 7.5 | High | 2024-01-11 |
| CVE-2023-7002 | Backup Migration <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url CWE-78 | 7.2 | High | 2023-12-23 |
| CVE-2023-6972 | Backup Migration <= 1.3.9 - Unauthenticated Path Traversal to Arbitrary File Deletion CWE-22 | 9.8 | Critical | 2023-12-23 |
| CVE-2023-6553 | Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution CWE-94 | 9.8 | Critical | 2023-12-15 |
All 6 known CVE vulnerabilities affecting BackupBliss – Backup & Migration with Free Cloud Storage with full Chinese analysis, references, and POCs where available.