Total
2367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14521 | 1 Wondercms | 1 Wondercms | 2019-04-26 | 6.5 MEDIUM | 8.8 HIGH |
| In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload. | |||||
| CVE-2019-11446 | 1 Atutor | 1 Atutor | 2019-04-26 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase (and thus .phP is a bypass), and omits .shtml and .phtml. | |||||
| CVE-2016-7443 | 1 Exponentcms | 1 Exponent Cms | 2019-04-25 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location." | |||||
| CVE-2019-11401 | 1 Siteserver | 1 Siteserver Cms | 2019-04-24 | 6.5 MEDIUM | 7.2 HIGH |
| A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted. | |||||
| CVE-2019-11445 | 1 Openkm | 1 Openkm | 2019-04-23 | 9.0 HIGH | 7.2 HIGH |
| OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repository_export.jsp. This is achieved by interfering with the Filesystem path control in the admin's Export field. As a result, attackers can gain remote code execution through the application server with root privileges. | |||||
| CVE-2019-11377 | 1 Wcms | 1 Wcms | 2019-04-22 | 6.5 MEDIUM | 8.8 HIGH |
| wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function. | |||||
| CVE-2019-11344 | 1 Pluck-cms | 1 Pluck | 2019-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked. | |||||
| CVE-2018-19453 | 1 Kentico | 1 Kentico Cms | 2019-04-11 | 6.8 MEDIUM | 8.8 HIGH |
| Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | |||||
| CVE-2019-10478 | 1 Glory-global | 2 Rbw-100, Rbw-100 Firmware | 2019-04-09 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. An unrestricted file upload vulnerability in the Front Circle Controller glytoolcgi/settingfile_upload.cgi allows attackers to upload supplied data. This can be used to place attacker controlled code on the filesystem that can be executed and can lead to a reverse root shell. | |||||
| CVE-2019-9692 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-04-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). | |||||
| CVE-2019-10276 | 1 Cobub | 1 Razor | 2019-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type. | |||||
| CVE-2019-10647 | 1 Zzzcms | 1 Zzzphp | 2019-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if the 192.168.0.1 web server sends the contents of a .php file (i.e., it does not interpret a .php file). | |||||
| CVE-2019-10652 | 1 Flatcore | 1 Flatcore | 2019-04-01 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature. | |||||
| CVE-2018-11345 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-29 | 6.5 MEDIUM | 8.8 HIGH |
| An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that can then be executed. Further, the filename parameter is vulnerable to path traversal and allows the attacker to place the file anywhere on the system. | |||||
| CVE-2017-15580 | 1 Osticket | 1 Osticket | 2019-03-26 | 7.5 HIGH | 9.8 CRITICAL |
| osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content. | |||||
| CVE-2018-20526 | 1 Roxyfileman | 1 Roxy Fileman | 2019-03-22 | 7.5 HIGH | 9.8 CRITICAL |
| Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php. | |||||
| CVE-2018-19514 | 1 Ens | 1 Webgalamb | 2019-03-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval() expression in the subscriber.php file. | |||||
| CVE-2018-11340 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-21 | 9.0 HIGH | 7.2 HIGH |
| An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed. | |||||
| CVE-2018-1000094 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-03-19 | 6.5 MEDIUM | 7.2 HIGH |
| CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload -> copy to any extension. | |||||
| CVE-2019-9825 | 1 Feifeicms | 1 Feifeicms | 2019-03-19 | 7.5 HIGH | 9.8 CRITICAL |
| FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature. | |||||