Total
2367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25828 | 1 Pluck-cms | 1 Pluck | 2023-11-07 | N/A | 7.2 HIGH |
| Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process before being available on the site. Due to lack of file extension validation, it is possible to upload a crafted JPEG payload containing an embedded PHP web-shell. An attacker may navigate to it directly to achieve RCE on the underlying web server. Administrator credentials for the Pluck CMS web interface are required to access the albums module feature, and are thus required to exploit this vulnerability. CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C (8.2 High) | |||||
| CVE-2023-23937 | 1 Pimcore | 1 Pimcore | 2023-11-07 | N/A | 5.4 MEDIUM |
| Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid signature (p.e. GIF89) and sending any invalid content-type. This could allow an authenticated attacker to upload HTML files with JS content that will be executed in the context of the domain. This issue has been patched in version 10.5.16. | |||||
| CVE-2023-23707 | 1 Awsm | 1 Embed Any Document | 2023-11-07 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions. | |||||
| CVE-2023-23607 | 1 Dasherr Project | 1 Dasherr | 2023-11-07 | N/A | 9.8 CRITICAL |
| erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-20134 | 1 Cisco | 1 Webex Meetings | 2023-11-07 | N/A | 6.5 MEDIUM |
| Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2023-20073 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device. | |||||
| CVE-2023-1406 | 1 Crocoblock | 1 Jetengine For Elementor | 2023-11-07 | N/A | 8.8 HIGH |
| The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability. | |||||
| CVE-2023-0587 | 1 Trendmicro | 1 Apex One | 2023-11-07 | N/A | 9.1 CRITICAL |
| A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed. | |||||
| CVE-2023-0477 | 1 Cm-wp | 1 Auto Featured Image | 2023-11-07 | N/A | 8.8 HIGH |
| The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation. | |||||
| CVE-2023-0255 | 1 Shortpixel | 1 Enable Media Replace | 2023-11-07 | N/A | 8.8 HIGH |
| The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. | |||||
| CVE-2022-4506 | 1 Open-emr | 1 Openemr | 2023-11-07 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2. | |||||
| CVE-2022-4276 | 1 House Rental System Project | 1 House Rental System | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument id_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214772. | |||||
| CVE-2022-4272 | 1 Warehouse Management System Project | 1 Warehouse Management System | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214760. | |||||
| CVE-2022-47615 | 1 Thimpress | 1 Learnpress | 2023-11-07 | N/A | 9.8 CRITICAL |
| Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | |||||
| CVE-2022-46660 | 1 Ge | 1 Proficy Historian | 2023-11-07 | N/A | 6.5 MEDIUM |
| An unauthorized user could alter or write files with full control over the path and content of the file. | |||||
| CVE-2022-46604 | 1 Tecrail | 1 Responsive Filemanager | 2023-11-07 | N/A | 8.8 HIGH |
| An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. | |||||
| CVE-2022-45476 | 1 Tiny File Manager Project | 1 Tiny File Manager | 2023-11-07 | N/A | 9.8 CRITICAL |
| Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload. | |||||
| CVE-2022-45359 | 1 Yithemes | 1 Yith Woocommerce Gift Cards | 2023-11-07 | N/A | 9.8 CRITICAL |
| Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on WordPress. | |||||
| CVE-2022-43146 | 1 Canteen Management System Project | 1 Canteen Management System | 2023-11-07 | N/A | 7.2 HIGH |
| An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2022-40721 | 1 Creativedream File Uploader Project | 1 Creativedream File Uploader | 2023-11-07 | N/A | 9.8 CRITICAL |
| Arbitrary file upload vulnerability in php uploader | |||||