Total
2367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32661 | 1 Linuxfoundation | 1 \@backstage\/plugin-techdocs | 2021-06-21 | 4.9 MEDIUM | 7.3 HIGH |
| Backstage is an open platform for building developer portals. In versions of Backstage's Techdocs Plugin (`@backstage/plugin-techdocs`) prior to 0.9.5, a malicious internal actor can potentially upload documentation content with malicious scripts by embedding the script within an `object` element. This may give access to sensitive data when other users visit that same documentation page. The ability to upload malicious content may be limited by internal code review processes, unless the chosen TechDocs deployment method is to use an object store and the actor has access to upload files directly to that store. The vulnerability is patched in the `0.9.5` release of `@backstage/plugin-techdocs`. | |||||
| CVE-2021-34128 | 1 Laiketui | 1 Laiketui | 2021-06-21 | 6.5 MEDIUM | 8.8 HIGH |
| LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname. | |||||
| CVE-2020-35760 | 1 Bloofox | 1 Bloofoxcms | 2021-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). | |||||
| CVE-2021-3277 | 1 Nagios | 1 Nagios Xi | 2021-06-15 | 6.5 MEDIUM | 7.2 HIGH |
| Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files. | |||||
| CVE-2020-35442 | 1 Fangfa | 1 Fdcms | 2021-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php. | |||||
| CVE-2020-21005 | 1 Wellcms | 1 Wellcms | 2021-06-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell. | |||||
| CVE-2021-31703 | 1 Frontiersoftware | 1 Ichris | 2021-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user. | |||||
| CVE-2021-29092 | 1 Synology | 1 Photo Station | 2021-06-09 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2020-26678 | 1 Vfairs | 1 Vfairs | 2021-06-01 | 6.5 MEDIUM | 8.8 HIGH |
| vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code execution. | |||||
| CVE-2021-27459 | 1 Emerson | 8 X-stream Enhanced Xefd, X-stream Enhanced Xefd Firmware, X-stream Enhanced Xegk and 5 more | 2021-05-28 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code. | |||||
| CVE-2020-23765 | 1 Bludit | 1 Bludit | 2021-05-27 | 6.5 MEDIUM | 7.2 HIGH |
| A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server. | |||||
| CVE-2021-32630 | 1 Admidio | 1 Admidio | 2021-05-27 | 6.5 MEDIUM | 8.8 HIGH |
| Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload permissions could rename the php shell with a .phar extension, visit the file, triggering the payload for a reverse/bind shell. This can be mitigated by excluding a .phar file extension to be uploaded (like you did with .php .phtml .php5 etc). The vulnerability is patched in version 4.0.4. | |||||
| CVE-2021-20721 | 1 Kujirahand | 1 Konawiki | 2021-05-25 | 7.5 HIGH | 9.8 CRITICAL |
| KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed. | |||||
| CVE-2021-32622 | 1 Matrix-react-sdk Project | 1 Matrix-react-sdk | 2021-05-25 | 4.4 MEDIUM | 7.8 HIGH |
| Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can only occur after several user interactions to open the preview in a separate tab. This only impacts the local user while in the process of uploading. It cannot be exploited remotely or by other users. This vulnerability is patched in version 3.21.0. | |||||
| CVE-2020-18166 | 1 Laobancms | 1 Laobancms | 2021-05-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc". | |||||
| CVE-2020-28063 | 1 Articlecms Project | 1 Articlecms | 2021-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell. | |||||
| CVE-2018-12980 | 1 Wago | 8 762-3000, 762-3000 Firmware, 762-3001 and 5 more | 2021-05-20 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server. | |||||
| CVE-2020-20092 | 1 Articlecms Project | 1 Articlecms | 2021-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code. | |||||
| CVE-2021-29022 | 1 Invoiceplane | 1 Invoiceplane | 2021-05-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory. | |||||
| CVE-2021-24254 | 1 College Publisher Import Project | 1 College Publisher Import | 2021-05-14 | 6.5 MEDIUM | 7.2 HIGH |
| The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. Due to the lack of CSRF check, the issue could also be exploited via a CSRF attack. | |||||