Total: 1387 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10621 | 1 Advantech | 1 Webaccess/nms | 2020-04-10 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). | |||||
| CVE-2020-10934 | 1 Acyba | 1 Acymailing | 2020-04-07 | 6.5 MEDIUM | 7.2 HIGH |
| Acyba AcyMailing before 6.9.2 mishandles file uploads by admins. | |||||
| CVE-2020-11544 | 1 Projectworlds | 1 Official Car Rental System | 2020-04-06 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for executable files. | |||||
| CVE-2001-0340 | 1 Microsoft | 1 Exchange Server | 2020-04-02 | 7.5 HIGH | N/A |
| An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. | |||||
| CVE-2001-1099 | 2 Microsoft, Symantec | 2 Exchange Server, Norton Antivirus | 2020-04-02 | 5.0 MEDIUM | N/A |
| The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. | |||||
| CVE-2020-6008 | 1 Lifterlms | 1 Lifterlms | 2020-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| LifterLMS WordPress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution. | |||||
| CVE-2020-8866 | 1 Horde | 1 Groupware | 2020-03-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125. | |||||
| CVE-2020-10964 | 2 Microsoft, S9y | 2 Windows, Serendipity | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename. | |||||
| CVE-2020-10806 | 1 Ez | 2 Ez Publish-kernel, Ez Publish-legacy | 2020-03-25 | 7.5 HIGH | 9.8 CRITICAL |
| eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution. | |||||
| CVE-2020-7935 | 1 Artica | 1 Pandora Fms | 2020-03-25 | 6.5 MEDIUM | 7.2 HIGH |
| Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. An attacker can create a (or use an existing) directory that is externally accessible to store PHP files. The filename and the exact path is known by the attacker, so it is possible to execute PHP code in the context of the application. The vulnerability is exploitable only with Administrator access. | |||||
| CVE-2020-8511 | 1 Artica | 1 Pandora Fms | 2020-03-25 | 6.5 MEDIUM | 7.2 HIGH |
| In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500. | |||||
| CVE-2020-10682 | 1 Cmsmadesimple | 1 Cms Made Simple | 2020-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code (it need not be a valid JPEG file). | |||||
| CVE-2019-16066 | 1 Netsas | 1 Enigma Network Management Solution | 2020-03-23 | 9.0 HIGH | 8.8 HIGH |
| An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. This allows an attacker to upload malicious files and perform arbitrary code execution on the system. | |||||
| CVE-2020-9423 | 1 Logicaldoc | 1 Logicaldoc | 2020-03-20 | 10.0 HIGH | 9.8 CRITICAL |
| LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control, shared among users, applying tags, etc. This functionality could be abused by an unauthenticated attacker to upload an arbitrary file in a restricted folder. This would lead to the executions of malicious commands with root privileges. | |||||
| CVE-2019-12971 | 1 G-u | 2 Bks Ebk Ethernet-buskoppler Pro, Bks Ebk Ethernet-buskoppler Pro Firmware | 2020-03-19 | 10.0 HIGH | 9.8 CRITICAL |
| BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type. | |||||
| CVE-2020-9471 | 1 Umbraco | 1 Umbraco Cms | 2020-03-19 | 6.5 MEDIUM | 8.8 HIGH |
| Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality. | |||||
| CVE-2020-9472 | 1 Umbraco | 1 Umbraco Cms | 2020-03-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. | |||||
| CVE-2020-10562 | 1 Devome | 1 Grr | 2020-03-18 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in DEVOME GRR before 3.4.1c. admin_edit_room.php mishandles file uploads. | |||||
| CVE-2020-10557 | 1 Atutor | 1 Acontent | 2020-03-18 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload section in the file manager page contains an arbitrary file upload vulnerability via upload.php. The extension .php7 bypasses file upload restrictions. | |||||
| CVE-2020-6965 | 1 Gehealthcare | 18 Apexpro Telemetry Server, Apexpro Telemetry Server Firmware, Carescape B450 Monitor and 15 more | 2020-03-17 | 6.5 MEDIUM | 9.9 CRITICAL |
| In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package. | |||||
| CVE-2018-6860 | 1 Schools Alert Management Script Project | 1 Schools Alert Management Script | 2020-03-11 | 6.5 MEDIUM | 8.8 HIGH |
| Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture. | |||||
| CVE-2016-6918 | 1 Lexmark | 1 Markvision Enterprise | 2020-03-10 | 7.5 HIGH | 9.8 CRITICAL |
| Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. | |||||
| CVE-2015-7339 | 1 Widgetfactorylimited | 1 Jce | 2020-03-10 | 6.5 MEDIUM | 8.8 HIGH |
| JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | |||||
| CVE-2020-9380 | 1 Whmcssmarters | 1 Web Tv Player | 2020-03-10 | 7.5 HIGH | 9.8 CRITICAL |
| IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. | |||||
| CVE-2020-5256 | 1 Bookstackapp | 1 Bookstack | 2020-03-10 | 9.0 HIGH | 8.8 HIGH |
| BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where non-trusted users are given permission to upload images in any area of the application. The issue was addressed in a series of patches in versions 0.25.3, 0.25.4 and 0.25.5. Users should upgrade to at least v0.25.5 to avoid this vulnerability. | |||||
| CVE-2015-7341 | 1 Joobi | 1 Jnews | 2020-03-10 | 6.5 MEDIUM | 8.8 HIGH |
| JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension. | |||||
| CVE-2020-8500 | 1 Artica | 1 Pandora Fms | 2020-03-09 | 6.5 MEDIUM | 7.2 HIGH |
| ** DISPUTED ** In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality. | |||||
| CVE-2018-19798 | 1 Fleetco | 1 Fleet Maintenance Management | 2020-03-04 | 6.5 MEDIUM | 8.8 HIGH |
| Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any authenticated user can exploit this. | |||||
| CVE-2018-17058 | 1 Jaba | 1 Jaba Xpress | 2020-03-04 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in JABA XPress Online Shop through 2018-09-14. It contains an arbitrary file upload vulnerability in the picture-upload feature of ProductEdit.aspx. An authenticated attacker may bypass the frontend filename validation and upload an arbitrary file via FileUploader.aspx.cs in FileUploader.aspx by using empty w and h parameters. This file may contain arbitrary aspx code that may be executed by accessing /Jec/ProductImages/<number>/<filename>. Accessing the file once uploaded does not require authentication. | |||||
| CVE-2016-11020 | 1 Kunena | 1 Kunena | 2020-03-03 | 7.5 HIGH | 9.8 CRITICAL |
| Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution. | |||||
| CVE-2011-4908 | 1 Tiny | 1 Tinybrowser | 2020-02-25 | 10.0 HIGH | 9.8 CRITICAL |
| TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. | |||||
| CVE-2011-4906 | 1 Tiny | 1 Tinybrowser | 2020-02-25 | 7.5 HIGH | 9.8 CRITICAL |
| Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. | |||||
| CVE-2020-6975 | 1 Digi | 3 Connectport Lts 32 Mei, Connectport Lts 32 Mei Bios, Connectport Lts 32 Mei Firmware | 2020-02-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application. | |||||
| CVE-2018-12263 | 1 Portfoliocms Project | 1 Portfoliocms | 2020-02-20 | 6.5 MEDIUM | 8.8 HIGH |
| portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. | |||||
| CVE-2016-10954 | 1 Dynamicpress | 1 Neosense | 2020-02-17 | 7.5 HIGH | 9.8 CRITICAL |
| The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload. | |||||
| CVE-2013-2057 | 1 Yabb | 1 Yabb | 2020-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability | |||||
| CVE-2013-0803 | 1 Polarbear Cms Project | 1 Polarbear Cms | 2020-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code. | |||||
| CVE-2014-2025 | 1 Unitedplanet | 1 Intrexx | 2020-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors. | |||||
| CVE-2013-3684 | 1 Imagely | 1 Nextgen Gallery | 2020-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload | |||||
| CVE-2014-8739 | 2 Creative-solutions, Jquery File Upload Project | 2 Creative Contact Form, Jquery File Upload | 2020-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with a PHP extension, then accessing it via a direct request to the file in files/, as exploited in the wild in October 2014. | |||||
| CVE-2013-3591 | 1 Vtiger | 1 Vtiger Crm | 2020-02-11 | 6.5 MEDIUM | 8.8 HIGH |
| vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability | |||||
| CVE-2011-1597 | 1 Openvas | 1 Openvas Manager | 2020-02-10 | 6.5 MEDIUM | 8.8 HIGH |
| OpenVAS Manager v2.0.3 allows plugin remote code execution. | |||||
| CVE-2015-6000 | 1 Vtiger | 1 Vtiger Crm | 2020-02-10 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/. | |||||
| CVE-2020-6754 | 1 Dotcms | 1 Dotcms | 2020-02-07 | 7.5 HIGH | 9.8 CRITICAL |
| dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. It allows an attacker to read or execute files under $TOMCAT_HOME/webapps/ROOT/assets (which should be a protected directory). Additionally, attackers can upload temporary files (e.g., .jsp files) into /webapps/ROOT/assets/tmp_upload, which can lead to remote command execution (with the permissions of the user running the dotCMS application). | |||||
| CVE-2013-6358 | 1 Prestashop | 1 Prestashop | 2020-02-06 | 9.0 HIGH | 8.8 HIGH |
| PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory. | |||||
| CVE-2020-8440 | 1 Simplejobscript | 1 Simplejobscript | 2020-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. | |||||
| CVE-2013-2748 | 1 Belkin | 2 Wemo Switch, Wemo Switch Firmware | 2020-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | |||||
| CVE-2013-7390 | 1 Zohocorp | 1 Manageengine Desktop Central | 2020-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. | |||||
| CVE-2020-7998 | 1 Super File Explorer Project | 1 Super File Explorer | 2020-02-04 | 9.0 HIGH | 8.8 HIGH |
| An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service. | |||||
| CVE-2012-6649 | 1 Devfarm | 1 Wp Gpx Maps | 2020-01-29 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload. | |||||
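Read together, the entries above are a catalogue of the ways a naive extension check on an image upload is defeated: alternate PHP extensions (.php5 in the JNews entry, .php7 in AContent), a .php segment that is not the last one (.php.jpegd in CMS Made Simple, which Apache's AddHandler-style configuration still hands to the PHP interpreter), a trailing dot that Windows strips when the file is written (Serendipity), a client-supplied Content-Type that the server trusts (Fleetco), and content that is never checked against the claimed image type (CMS Made Simple notes the payload "need not be a valid JPEG file"). The following is an added example written for this page, not code from any of the listed products; it is in Python as a language-neutral illustration of the combined gate. The extension lists, the magic-byte table, the function names and the sample uploads are all constructed for the example.

```python
"""Hardened image-upload validation: the checks that the file-upload CVEs in
the listing above defeat one at a time, combined into a single decision.

Added example for this page, not taken from any listed product. The
deny/allow lists and magic-byte table are the example's own assumptions.
"""
import hashlib
from dataclasses import dataclass

# Extensions the web server (not the application) would execute or render.
# Includes the alternates named in the listing (.php5, .php7). Because an
# AddHandler-style Apache config selects a handler from *any* extension
# segment (shell.php.jpegd), every segment is checked, not just the last.
EXECUTABLE_EXTS = frozenset({
    "php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "phps",
    "asp", "aspx", "ashx", "asmx", "jsp", "jspx", "cgi", "pl", "py", "sh",
    "htaccess",              # would remap harmless extensions to PHP
    "htm", "html", "svg",    # stored XSS rather than RCE, still unwanted
})

# What this endpoint is meant to accept, keyed by the extension we store,
# with the leading bytes a genuine file of that type must start with.
ALLOWED_IMAGES = {
    "png":  (b"\x89PNG\r\n\x1a\n",),
    "jpg":  (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif":  (b"GIF87a", b"GIF89a"),
}


@dataclass(frozen=True)
class Verdict:
    accepted: bool
    reason: str
    stored_name: str = ""


def normalize_name(filename: str) -> str:
    """Reduce a client-supplied name to a bare, lower-cased file name.

    Path separators are dropped (no traversal into other directories), an
    embedded NUL is treated as end-of-string the way C runtimes do, and
    trailing dots/spaces are removed because NTFS silently discards them:
    'shell.php.' is created on disk as 'shell.php' (the Serendipity entry).
    """
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    name = name.split("\x00", 1)[0]
    return name.rstrip(". ").lower()


def validate_upload(filename: str, data: bytes, client_content_type: str = "") -> Verdict:
    """Decide whether an uploaded blob may be stored as an image.

    client_content_type is accepted only so callers can pass it through; it
    is deliberately never consulted, since the client chooses it (the
    Fleetco entry uploads with application/x-php, the CMS Made Simple entry
    with application/octet-stream).
    """
    name = normalize_name(filename)
    if not name or "." not in name:
        return Verdict(False, "no extension")
    segments = name.split(".")[1:]               # every extension segment
    bad = EXECUTABLE_EXTS.intersection(segments)
    if bad:
        return Verdict(False, f"executable extension segment: {sorted(bad)}")
    ext = segments[-1]
    if ext not in ALLOWED_IMAGES:
        return Verdict(False, f"extension not allowed: {ext}")
    if not any(data.startswith(magic) for magic in ALLOWED_IMAGES[ext]):
        return Verdict(False, f"content is not a {ext} image")
    # Server-chosen, content-addressed name: the uploader never controls the
    # stored path (several entries rely on the attacker knowing it exactly).
    stored = hashlib.sha256(data).hexdigest()[:32] + "." + ext
    return Verdict(True, "ok", stored)
```

The extension and magic-byte checks are necessary but not sufficient on their own; the eZ Publish entry's qualifier ("unless the vhost configuration permits only app.php execution") points at the complementary control, which is to store uploads where the web server has no script handler at all, so that a bypass of this function yields a downloadable file rather than code execution.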
