Total: 1580 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2022-31134 | 1 Zulip | 1 Zulip Server | 2022-07-22 | 4.0 MEDIUM | 4.9 MEDIUM | Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 and above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a "public data" export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the "public data" export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue.
CVE-2021-36711 | 1 Octobot | 1 Octobot | 2022-07-22 | N/A | 9.8 CRITICAL | WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.
CVE-2022-31161 | 1 Roxy-wi | 1 Roxy-wi | 2022-07-22 | N/A | 9.8 CRITICAL | Roxy-WI is a web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, system commands can be run remotely via the subprocess_execute function in the /app/options.py file without any processing of the inputs received from the user. Version 6.1.1.0 contains a patch for this issue.
CVE-2022-31854 | 1 Codologic | 1 Codoforum | 2022-07-21 | 6.5 MEDIUM | 7.2 HIGH | Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
CVE-2022-28369 | 1 Verizon | 2 Lvskihp Indoorunit, Lvskihp Indoorunit Firmware | 2022-07-20 | N/A | 9.8 CRITICAL | Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh). A remote attacker on the local network can provide a malicious URL. The data found at that URL is written to /usr/sbin/dropbear and then executed as root.
CVE-2022-28372 | 1 Verizon | 4 Lvskihp Indoorunit, Lvskihp Indoorunit Firmware, Lvskihp Outdoorunit and 1 more | 2022-07-20 | N/A | 7.5 HIGH | On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file upload to the device. This occurs in /lib/lua/luci/crtc.lua (IDU) and /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh (ODU).
CVE-2022-30216 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2022-07-20 | 6.5 MEDIUM | 8.8 HIGH | Windows Server Service Tampering Vulnerability.
CVE-2022-22450 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2022-07-20 | N/A | 3.8 LOW | IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.
CVE-2021-36461 | 1 Microweber | 1 Microweber | 2022-07-19 | 6.5 MEDIUM | 8.8 HIGH | An arbitrary file upload vulnerability exists in Microweber 1.1.3 that allows attackers to get a shell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.
CVE-2021-39017 | 3 Ibm, Linux, Microsoft | 3 Engineering Lifecycle Optimization Publishing, Linux Kernel, Windows | 2022-07-18 | N/A | 6.5 MEDIUM | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725.
CVE-2022-1952 | 1 Syntactics | 1 Free Booking Plugin For Hotels, Restaurant And Car Rental | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL | The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation, which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps.
CVE-2021-29281 | 1 Gfi | 1 Archiver | 2022-07-14 | 7.5 HIGH | 9.8 CRITICAL | File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via an insecure implementation of the Telerik Web UI plugin, which is affected by CVE-2014-2217 and CVE-2017-11317.
CVE-2015-1784 | 1 Imagely | 1 Nextgen Gallery | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH | In the nextgen-gallery WordPress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user-uploaded files and in the lack of security measures preventing unwanted HTTP requests.
CVE-2022-32413 | 1 Dice Project | 1 Dice | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL | An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file.
CVE-2021-37741 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH | ManageEngine ADManager Plus before 7111 has pre-authentication RCE vulnerabilities.
CVE-2020-24203 | 1 Projectworlds | 1 Travel Management System | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL | Insecure file permissions and arbitrary file upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allow remote unauthenticated attackers to gain remote code execution.
CVE-2021-44664 | 1 Xerte | 1 Xerte | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH | An authenticated Remote Code Execution (RCE) vulnerability exists in Xerte through 3.9 in website_code/php/import/fileupload.php: uploading a maliciously crafted PHP file through the project interface, disguised as a language file, bypasses the upload filters. Attackers can manipulate the file's destination by abusing path traversal in the 'mediapath' variable.
CVE-2021-21131 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM | Insufficient policy enforcement in the File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2022-31943 | 1 Mingsoft | 1 Mcms | 2022-07-11 | 7.5 HIGH | 9.8 CRITICAL | MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.
CVE-2021-37770 | 1 Nucleuscms | 1 Nucleus Cms | 2022-07-08 | 6.5 MEDIUM | 7.2 HIGH | Nucleus CMS v3.71 is affected by a file upload vulnerability. The upload function can be used to change the upload path to a directory without an .htaccess file. An .htaccess file containing the directive AddType application/x-httpd-php .jpg can then be uploaded there, so that an uploaded picture containing a shell is treated as PHP and executed; in this way an attacker can run commands and take over the website's resources.