Total: 2367 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2019-13464 | 1 Modsecurity | 1 Owasp Modsecurity Core Rule Set | 2019-07-15 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2. Use of X.Filename instead of X_Filename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid.
CVE-2014-9312 | 1 10web | 1 Photo Gallery | 2019-07-08 | 6.5 MEDIUM | 8.8 HIGH | Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
CVE-2019-13082 | 1 Chamilo | 1 Chamilo Lms | 2019-07-03 | 7.5 HIGH | 9.8 CRITICAL | Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php file in a folder and then this folder in a ZIP archive, the server will accept this file without any checks. Because one can access this file from the website, it is remote code execution. This is related to a scorm imsmanifest.xml file, the import_package function, and extraction in $courseSysDir.$newDir.
CVE-2019-9842 | 1 Miniblog Project | 1 Miniblog | 2019-06-19 | 6.5 MEDIUM | 7.2 HIGH | madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension.
CVE-2019-5357 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 9.0 HIGH | 8.8 HIGH | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-12377 | 1 Ivanti | 1 Landesk Management Suite | 2019-06-04 | 7.5 HIGH | 9.8 CRITICAL | A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution.
CVE-2019-12150 | 1 Karamasoft | 1 Ultimateeditor | 2019-05-30 | 7.5 HIGH | 9.8 CRITICAL | Karamasoft UltimateEditor 1 does not ensure that an uploaded file is an image or document (neither file types nor extensions are restricted). The attacker must use the Attach icon to perform an upload. An uploaded file is accessible under the UltimateEditorInclude/UserFiles/ URI.
CVE-2016-10751 | 1 Osclass | 1 Osclass | 2019-05-29 | 6.5 MEDIUM | 7.2 HIGH | osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload.
CVE-2016-10752 | 1 S9y | 1 Serendipity | 2019-05-29 | 7.5 HIGH | 9.8 CRITICAL | serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
CVE-2016-10758 | 1 Phpkit | 1 Phpkit | 2019-05-29 | 6.5 MEDIUM | 8.8 HIGH | PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter.
CVE-2019-9951 | 1 Western Digital | 15 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 12 more | 2019-05-28 | 7.5 HIGH | 9.8 CRITICAL | Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page web/jquery/uploader/uploadify.php can be accessed without any credentials, and allows uploading arbitrary files to any location on the attached storage.
CVE-2018-19612 | 1 Westermo | 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more | 2019-05-28 | 6.5 MEDIUM | 8.8 HIGH | The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code.
CVE-2017-11561 | 1 Zohocorp | 1 Manageengine Opmanager | 2019-05-24 | 4.0 MEDIUM | 6.5 MEDIUM | An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
CVE-2019-6513 | 1 Wso2 | 1 Api Manager | 2019-05-23 | 5.5 MEDIUM | 5.4 MEDIUM | An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.
CVE-2019-8404 | 1 Webiness Inventory Project | 1 Webiness Inventory | 2019-05-22 | 5.5 MEDIUM | 6.5 MEDIUM | An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages.
CVE-2019-11887 | 1 Simplybook | 1 Simplybook | 2019-05-20 | 7.5 HIGH | 9.8 CRITICAL | SimplyBook.me through 2019-05-11 does not properly restrict File Upload which could allow remote code execution.
CVE-2018-4063 | 1 Sierrawireless | 2 Airlink Es450, Airlink Es450 Firmware | 2019-05-07 | 9.0 HIGH | 8.8 HIGH | An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2019-11028 | 1 Gatship | 1 Web Module | 2019-05-03 | 6.5 MEDIUM | 8.8 HIGH | GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx".
CVE-2019-11615 | 1 Doorgets | 1 Doorgets Cms | 2019-05-01 | 6.5 MEDIUM | 8.8 HIGH | /fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server.
CVE-2019-11568 | 1 Aikcms | 1 Aikcms | 2019-04-29 | 6.8 MEDIUM | 8.8 HIGH | An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type.