Vulnerabilities (CVE)

Filtered by CWE-434
Total 2367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11108 1 Pi-hole 1 Pi-hole 2020-05-27 9.0 HIGH 8.8 HIGH
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
CVE-2020-13442 1 Dext5 1 Dext5 2020-05-27 7.5 HIGH 9.8 CRITICAL
A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.
CVE-2020-1102 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2020-05-26 6.5 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024.
CVE-2020-1023 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2020-05-26 6.5 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102.
CVE-2020-1024 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2020-05-26 6.5 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.
CVE-2020-13384 1 Monstra 1 Monstra 2020-05-26 6.5 MEDIUM 8.8 HIGH
Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.
CVE-2020-13241 1 Microweber 1 Microweber 2020-05-22 7.2 HIGH 7.8 HIGH
Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file.
CVE-2020-11807 1 Sourcefabric 1 Newscoop 2020-05-20 4.6 MEDIUM 7.8 HIGH
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path.
CVE-2020-12255 1 Rconfig 1 Rconfig 2020-05-19 6.5 MEDIUM 8.8 HIGH
rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif.
CVE-2020-13128 1 Gwtupload Project 1 Gwtupload 2020-05-19 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.
CVE-2020-12252 1 Gigamon 1 Gigavue 2020-05-18 6.0 MEDIUM 6.2 MEDIUM
An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter.
CVE-2020-5577 1 Sixapart 1 Movable Type 2020-05-15 6.5 MEDIUM 8.8 HIGH
Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors.
CVE-2020-5880 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-07 5.5 MEDIUM 7.1 HIGH
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server.
CVE-2017-15990 1 Savsofteproducts 1 Phpinventory 2020-05-06 7.5 HIGH 9.8 CRITICAL
Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/.
CVE-2020-11943 1 Opmantek 1 Open-audit 2020-05-05 6.5 MEDIUM 8.8 HIGH
An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload.
CVE-2020-11817 1 Rukovoditel 1 Rukovoditel 2020-05-05 6.8 MEDIUM 9.8 CRITICAL
In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.
CVE-2020-10507 1 The School Manage System Project 1 The School Manage System 2020-04-30 7.5 HIGH 9.8 CRITICAL
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine.
CVE-2020-9280 1 Silverstripe 1 Silverstripe 2020-04-29 5.0 MEDIUM 7.5 HIGH
In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed upload folder protection via the optional silverstripe/secureassets module under 3.x. This module is installed and enabled by default on the Common Web Platform (CWP). The vulnerability only affects files uploaded after an upgrade to 4.x.
CVE-2020-11011 1 Phproject 1 Phproject 2020-04-27 6.5 MEDIUM 8.8 HIGH
In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8.
CVE-2020-11815 1 Rukovoditel 1 Rukovoditel 2020-04-23 6.8 MEDIUM 9.8 CRITICAL
In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting.