Total: 2367 CVEs

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2020-19303 | 1 Houdunren | 1 Hdcms | 2021-08-11 | 6.8 MEDIUM | 7.8 HIGH | An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file.
CVE-2021-32594 | 1 Fortinet | 1 Fortiportal | 2021-08-11 | 5.5 MEDIUM | 8.1 HIGH | An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files.
CVE-2021-25200 | 1 Learning Management System Project | 1 Learning Management System | 2021-08-03 | 7.5 HIGH | 9.8 CRITICAL | Arbitrary file upload vulnerability in SourceCodester Learning Management System v1.0 allows attackers to execute arbitrary code via the file upload to \lms\student_avatar.php.
CVE-2021-25210 | 1 Alumni Management System Project | 1 Alumni Management System | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL | Arbitrary file upload vulnerability in SourceCodester Alumni Management System v1.0 allows attackers to execute arbitrary code via the file upload to manage_event.php.
CVE-2021-37444 | 1 Nchsoftware | 1 Ivm Attendant | 2021-07-30 | 6.5 MEDIUM | 8.8 HIGH | NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the inbuilt Autodial function.
CVE-2021-25203 | 1 Victor Cms Project | 1 Victor Cms | 2021-07-29 | 7.5 HIGH | 9.8 CRITICAL | Arbitrary file upload vulnerability in Victor CMS v1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.
CVE-2017-9650 | 2 Automatedlogic, Carrier | 3 I-vu, Sitescan Web, Automatedlogic Webctrl | 2021-07-27 | 4.6 MEDIUM | 7.8 HIGH | An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code.
CVE-2021-35963 | 1 Learningdigital | 1 Orca Hcm | 2021-07-27 | 10.0 HIGH | 9.8 CRITICAL | The specific parameter of the upload function of the Orca HCM digital learning platform does not filter file format, which allows remote unauthenticated attackers to upload files containing malicious script to execute RCE attacks.
CVE-2019-12548 | 1 Bludit | 1 Bludit | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.
CVE-2020-35797 | 1 Netgear | 2 Nms300, Nms300 Firmware | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL | NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated attacker.
CVE-2019-9642 | 1 Pydio | 1 Pydio | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL | An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it is possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a proxy.php?hash=../../../../../var/lib/pydio/data/personal/guest/PoC.php request. This is related to plugins/action.share/src/Store/ShareStore.php.
CVE-2020-13994 | 1 Mods-for-hesk | 1 Mods For Hesk | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-13992 by an unauthenticated attacker.
CVE-2020-25483 | 1 Ucms Project | 1 Ucms | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL | An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2019-8942 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
CVE-2020-35949 | 1 Expresstech | 1 Quiz And Survey Master | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL | An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type header was checked during the upload, and thus the attacker could use text/plain for a .php file.
CVE-2019-8371 | 1 Open-emr | 1 Openemr | 2021-07-21 | 9.0 HIGH | 7.2 HIGH | OpenEMR v5.0.1-6 allows code execution.
CVE-2020-11598 | 1 Cipplanner | 1 Cipace | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL | An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote attackers to execute arbitrary code by uploading and executing an ASHX file.
CVE-2020-13260 | 1 Rad | 2 Secflow-1v, Secflow-1v Firmware | 2021-07-21 | 4.3 MEDIUM | 6.1 MEDIUM | A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259.
CVE-2019-15766 | 1 Kslabs | 1 Ksweb | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH | The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to (and the config_text parameter set to the content of the file to be created). This can be a PHP file that is written to the public web directory and subsequently executed. The attacker must have network connectivity to the PHP server that is running on the Android device.
CVE-2018-12426 | 1 3cx | 1 Live Chat | 2021-07-20 | 7.5 HIGH | 9.8 CRITICAL | The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.