Vulnerabilities (CVE)

Filtered by CWE-434
Total 2367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7836 1 Schneider-electric 1 Iiot Monitor 2019-02-06 7.5 HIGH 9.8 CRITICAL
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.
CVE-2018-1000839 1 Librehealth 1 Librehealth Ehr 2019-02-01 6.5 MEDIUM 8.8 HIGH
LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type.
CVE-2018-15537 1 Ocsinventory-ng 1 Ocsinventory Ng 2019-01-31 6.5 MEDIUM 8.8 HIGH
Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.
CVE-2018-20166 1 Rukovoditel 1 Rukovoditel 2019-01-31 6.5 MEDIUM 8.8 HIGH
A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case, such as the .pHp extension.
CVE-2018-18888 1 Laravelcms Project 1 Laravelcms 2019-01-29 7.5 HIGH 9.8 CRITICAL
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.
CVE-2018-16169 1 Cybozu 1 Remote Service Manager 2019-01-14 6.5 MEDIUM 8.8 HIGH
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
CVE-2018-18315 1 Mossle 1 Lemon 2019-01-11 5.0 MEDIUM 7.5 HIGH
com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter.
CVE-2018-1000811 1 Bludit 1 Bludit 2019-01-07 6.5 MEDIUM 8.8 HIGH
bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code.
CVE-2018-16093 1 Lenovo 1 Xclarity Integrator 2018-12-28 4.0 MEDIUM 6.5 MEDIUM
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file.
CVE-2018-16097 1 Lenovo 1 Xclarity Integrator 2018-12-28 4.0 MEDIUM 6.5 MEDIUM
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
CVE-2018-19537 1 Tp-link 2 Archer C5, Archer C5 Firmware 2018-12-28 9.0 HIGH 7.2 HIGH
TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.
CVE-2018-19421 1 Get-simple 1 Getsimple Cms 2018-12-28 4.0 MEDIUM 3.8 LOW
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.
CVE-2018-19420 1 Get-simple 1 Getsimple Cms 2018-12-28 4.0 MEDIUM 3.8 LOW
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename), because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.
CVE-2018-18565 1 Roche 10 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Coaguchek Pro Ii and 7 more 2018-12-28 4.1 MEDIUM 6.8 MEDIUM
An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial number below KQ0400000 or KS0400000), and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). A vulnerability in the software update mechanism allows authenticated attackers in the adjacent network to overwrite arbitrary files on the system through a crafted update package.
CVE-2018-19424 1 Clippercms 1 Clippercms 2018-12-27 6.5 MEDIUM 7.2 HIGH
ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files.
CVE-2018-19692 1 Tp5cms Project 1 Tp5cms 2018-12-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
CVE-2018-19562 1 Phpok 1 Phpok 2018-12-19 6.8 MEDIUM 8.8 HIGH
An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive.
CVE-2018-9207 1 Hayageek 1 Jquery Upload File 2018-12-18 7.5 HIGH 9.8 CRITICAL
Arbitrary file upload in jQuery Upload File <= 4.0.2
CVE-2018-19457 1 Logicspice 1 Faq Script 2018-12-18 6.5 MEDIUM 7.2 HIGH
Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.
CVE-2018-18793 1 School Event Management System Project 1 School Event Management System 2018-12-18 7.5 HIGH 9.8 CRITICAL
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.