Total: 736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6449 | 1 Rocklobster | 1 Contact Form 7 | 2023-12-06 | N/A | 7.2 HIGH |
| The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'validate' function and insufficient blocklisting on the 'wpcf7_antiscript_file_name' function in versions up to, and including, 5.8.3. This makes it possible for authenticated attackers with editor-level capabilities or above to upload arbitrary files on the affected site's server, but due to the htaccess configuration, remote code cannot be executed in most cases. By default, the file will be deleted from the server immediately. However, in some cases, other plugins may make it possible for the file to live on the server longer. This can make remote code execution possible when combined with another vulnerability, such as local file inclusion. | |||||
| CVE-2023-5637 | 1 Arslansoft Education Portal Project | 1 Arslansoft Education Portal | 2023-12-06 | N/A | 7.5 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1. | |||||
| CVE-2023-5965 | 1 Espocrm | 1 Espocrm | 2023-12-06 | N/A | 7.2 HIGH |
| An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution. | |||||
| CVE-2023-5966 | 1 Espocrm | 1 Espocrm | 2023-12-06 | N/A | 7.2 HIGH |
| An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution. | |||||
| CVE-2023-49052 | 1 Microweber | 1 Microweber | 2023-12-05 | N/A | 8.8 HIGH |
| File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component. | |||||
| CVE-2023-29770 | 1 Sapplica | 1 Sentrifugo | 2023-12-01 | N/A | 8.8 HIGH |
| In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering. | |||||
| CVE-2023-6219 | 1 Reputeinfosystems | 1 Bookingpress | 2023-12-01 | N/A | 7.2 HIGH |
| The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2023-6308 | 1 Four-faith | 1 Video Surveillance Management System | 2023-12-01 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-246134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-41812 | 1 Artica | 1 Pandora Fms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2022-37426 | 2 Linux, Opennebula | 2 Linux Kernel, Opennebula | 2023-11-30 | N/A | 7.5 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection. | |||||
| CVE-2022-3436 | 1 Web-based Student Clearance System Project | 1 Web-based Student Clearance System | 2023-11-30 | N/A | 7.5 HIGH |
| A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. | |||||
| CVE-2023-4223 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/document.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4226 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4224 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/dropbox.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-4225 | 1 Chamilo | 1 Chamilo Lms | 2023-11-30 | N/A | 8.8 HIGH |
| Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. | |||||
| CVE-2023-41788 | 1 Artica | 1 Pandora Fms | 2023-11-29 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allows attackers to execute code via PHP file uploads. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-6187 | 1 Strangerstudios | 1 Paid Memberships Pro | 2023-11-24 | N/A | 8.8 HIGH |
| The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'pmpro_paypalexpress_session_vars_for_user_fields' function in versions up to, and including, 2.12.3. This makes it possible for authenticated attackers with subscriber privileges or above to upload arbitrary files on the affected site's server, which may make remote code execution possible. This can be exploited if 2Checkout (deprecated since version 2.6) or PayPal Express is set as the payment method and a custom user field is added that is only visible at profile, and not visible at checkout, according to its settings. | |||||
| CVE-2023-48217 | 1 Statamic | 1 Statamic | 2023-11-22 | N/A | 8.8 HIGH |
| Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Malicious users could leverage this vulnerability to upload and execute code. This issue has been patched in versions 3.4.14 and 4.34.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2021-42362 | 1 Wordpress Popular Posts Project | 1 Wordpress Popular Posts | 2023-11-22 | 6.5 MEDIUM | 8.8 HIGH |
| The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2. | |||||
| CVE-2023-47621 | 1 Duncanmcclean | 1 Guest Entries | 2023-11-21 | N/A | 8.8 HIGH |
| Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fixed in v3.1.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2020-5509 | 1 Phpgurukul | 1 Car Rental Portal | 2023-11-14 | 6.5 MEDIUM | 7.2 HIGH |
| PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | |||||
| CVE-2023-42659 | 1 Progress | 1 Ws Ftp Server | 2023-11-14 | N/A | 8.8 HIGH |
| In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application. | |||||
| CVE-2022-40925 | 1 Phpgurukul | 1 Zoo Management System | 2023-11-14 | N/A | 7.2 HIGH |
| Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system. | |||||
| CVE-2022-40932 | 1 Phpgurukul | 1 Zoo Management System | 2023-11-14 | N/A | 7.2 HIGH |
| In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system. | |||||
| CVE-2022-40924 | 1 Phpgurukul | 1 Zoo Management System | 2023-11-14 | N/A | 7.2 HIGH |
| Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system. | |||||
| CVE-2023-33480 | 1 Remoteclinic | 1 Remote Clinic | 2023-11-14 | N/A | 8.8 HIGH |
| RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by a lack of input validation and access control in the staff/register.php endpoint and the edit-my-profile.php page. By sending a series of specially crafted requests to the RemoteClinic application, an attacker can create admin users with more privileges than their own, upload a PHP file containing arbitrary code, and execute arbitrary commands via the PHP shell. | |||||
| CVE-2023-20195 | 1 Cisco | 1 Identity Services Engine | 2023-11-14 | N/A | 7.2 HIGH |
| Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges. | |||||
| CVE-2020-28136 | 1 Phpgurukul | 1 Tourism Management System | 2023-11-14 | 6.5 MEDIUM | 8.8 HIGH |
| An Arbitrary File Upload vulnerability was discovered in SourceCodester Tourism Management System 1.0 that allows a user to achieve remote code execution via the vulnerable admin/create-package.php page. | |||||
| CVE-2023-41357 | 1 Gss | 1 Vitals Enterprise Social Platform | 2023-11-13 | N/A | 8.8 HIGH |
| Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it has insufficient filtering and validation during file upload. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operations or disrupt service. | |||||
| CVE-2023-1720 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 8.0 HIGH |
| Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile. | |||||
| CVE-2023-41725 | 1 Ivanti | 1 Avalanche | 2023-11-09 | N/A | 7.8 HIGH |
| Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability | |||||
| CVE-2023-1713 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 8.8 HIGH |
| Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file. | |||||
| CVE-2023-5919 | 1 Company Website Cms Project | 1 Company Website Cms | 2023-11-09 | N/A | 7.2 HIGH |
| A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-244310 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-5860 | 1 Bplugins | 1 Icons Font Loader | 2023-11-09 | N/A | 7.2 HIGH |
| The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2023-20196 | 1 Cisco | 1 Identity Services Engine | 2023-11-09 | N/A | 7.2 HIGH |
| Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges. | |||||
| CVE-2023-38836 | 1 Boidcms | 1 Boidcms | 2023-08-24 | N/A | 8.8 HIGH |
| File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code via the GIF header component. | |||||
| CVE-2023-4409 | 1 Happysoft | 1 Nbs&happysoftwechat | 2023-08-23 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in NBS&HappySoftWeChat 1.1.6. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237512. | |||||
| CVE-2023-35808 | 1 Sugarcrm | 1 Sugarcrm | 2023-08-23 | N/A | 8.8 HIGH |
| An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using crafted requests, custom PHP code can be injected and executed through the Notes module because of missing input validation. Regular user privileges can be used to exploit this vulnerability. Editions other than Enterprise are also affected. | |||||
| CVE-2023-31941 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2023-08-18 | N/A | 7.2 HIGH |
| File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | |||||
| CVE-2023-31946 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2023-08-18 | N/A | 7.2 HIGH |
| File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | |||||
| CVE-2020-3436 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Firepower Threat Defense | 2023-08-16 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition. | |||||
| CVE-2023-4243 | 1 Full | 1 Full - Customer | 2023-08-14 | N/A | 8.8 HIGH |
| The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to execute code by installing plugins from arbitrary remote locations including non-repository sources onto the site, granted they are packaged as a valid WordPress plugin. | |||||
| CVE-2020-23564 | 1 Sem-cms | 1 Semcms | 2023-08-09 | N/A | 7.2 HIGH |
| File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMS_Upfile.php. | |||||
| CVE-2023-4159 | 1 Omeka | 1 Omeka S | 2023-08-09 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3. | |||||
| CVE-2023-38947 | 1 Wbce | 1 Wbce Cms | 2023-08-09 | N/A | 7.2 HIGH |
| An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2023-36298 | 1 Dedecms | 1 Dedecms | 2023-08-07 | N/A | 8.8 HIGH |
| DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE). | |||||
| CVE-2023-36299 | 1 Typecho | 1 Typecho | 2023-08-07 | N/A | 8.8 HIGH |
| A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php. | |||||
| CVE-2023-36212 | 1 Totalcms | 1 Total Cms | 2023-08-05 | N/A | 8.8 HIGH |
| File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function. | |||||
| CVE-2018-19422 | 1 Intelliants | 1 Subrion Cms | 2023-08-04 | 6.5 MEDIUM | 7.2 HIGH |
| /panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these. | |||||
| CVE-2023-39147 | 1 Webkul | 1 Uvdesk | 2023-08-04 | N/A | 7.8 HIGH |
| An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file. | |||||
