Vulnerabilities (CVE)

Filtered by CWE-434
Total 2367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9185 1 Boltcms 1 Bolt 2021-01-04 6.5 MEDIUM 8.8 HIGH
Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension.
CVE-2020-35627 1 Woocommerce 1 Gift Cards 2020-12-30 7.5 HIGH 8.8 HIGH
Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image extension to PHP and executing PHP code on the server.
CVE-2020-26286 1 Hedgedoc 1 Hedgedoc 2020-12-30 5.0 MEDIUM 7.5 HIGH
HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an unauthenticated attacker can upload arbitrary files to the upload storage backend including HTML, JS and PHP files. The problem is patched in HedgeDoc 1.7.1. You should however verify that your uploaded file storage only contains files that are allowed, as uploaded files might still be served. As workaround it's possible to block the `/uploadimage` endpoint on your instance using your reverse proxy. And/or restrict MIME-types and file names served from your upload file storage.
CVE-2020-27397 1 Projectworlds 1 Online Matrimonial Project 2020-12-23 6.5 MEDIUM 8.8 HIGH
Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file.
CVE-2020-35657 1 Jaws Project 1 Jaws 2020-12-23 6.5 MEDIUM 7.2 HIGH
Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product.
CVE-2020-35656 1 Jaws Project 1 Jaws 2020-12-23 6.5 MEDIUM 7.2 HIGH
Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGadget=FileBrowser&reqAction=Files to upload a .php file. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product.
CVE-2020-29447 1 Atlassian 1 Crucible 2020-12-22 4.0 MEDIUM 4.3 MEDIUM
Affected versions of Atlassian Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the file upload request feature of code reviews. The affected versions are before version 4.7.4, and from version 4.8.0 before 4.8.5.
CVE-2020-25010 1 Kyland 2 Kps2204 6 Port Managed Din-rail Programmable Serial Device, Kps2204 6 Port Managed Din-rail Programmable Serial Device Firmware 2020-12-22 7.5 HIGH 9.8 CRITICAL
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file.
CVE-2020-35489 1 Rocklobster 1 Contact Form 7 2020-12-22 10.0 HIGH 10.0 CRITICAL
The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.
CVE-2020-26174 1 Tangro 1 Business Workflow 2020-12-21 6.5 MEDIUM 8.8 HIGH
tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the browser (client-side) and can be circumvented. This allows an attacker to upload any file as an attachment to a workitem.
CVE-2020-35133 1 Irfanview 1 Irfanview 2020-12-18 5.0 MEDIUM 7.5 HIGH
irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at i_view32+0xdb60.
CVE-2020-28072 1 Alumni Management System Project 1 Alumni Management System 2020-12-17 6.5 MEDIUM 7.2 HIGH
A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE.
CVE-2020-26826 1 Sap 1 Netweaver Application Server Java 2020-12-14 4.0 MEDIUM 6.5 MEDIUM
Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.
CVE-2020-26828 1 Sap 1 Disclosure Management 2020-12-11 5.5 MEDIUM 6.4 MEDIUM
SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. In some file types it is possible to enter formulas which can call external applications or execute scripts. The execution of a payload (script) on target machine could be used to steal and modify the data available in the spreadsheet
CVE-2020-23520 1 Txjia 1 Imcat 2020-12-10 6.5 MEDIUM 7.2 HIGH
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
CVE-2020-26255 1 Getkirby 2 Kirby, Panel 2020-12-10 6.5 MEDIUM 9.1 CRITICAL
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers in your group of authenticated Panel users, as they can gain access to the server with such a Phar file. Visitors without Panel access *cannot* use this attack vector. The problem has been patched in Kirby 2.5.14 and Kirby 3.4.5. Please update to one of these or a later version to fix the vulnerability. Note: Kirby 2 reaches end of life on December 31, 2020. We therefore recommend to upgrade your Kirby 2 sites to Kirby 3. If you cannot upgrade, we still recommend to update to Kirby 2.5.14.
CVE-2017-1000081 1 Onosproject 1 Onos 2020-12-07 7.5 HIGH 9.8 CRITICAL
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
CVE-2020-28939 1 Openclinic Project 1 Openclinic 2020-12-07 6.5 MEDIUM 7.2 HIGH
OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server.
CVE-2020-29441 1 Outsystems 1 Outsystems 2020-12-04 6.4 MEDIUM 6.5 MEDIUM
An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed asynchronously, or deny access to legitimate uploaded files.
CVE-2020-25537 1 Ucms Project 1 Ucms 2020-12-04 10.0 HIGH 9.8 CRITICAL
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.