Total
1580 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40845 | 1 Zenitel | 1 Alphacom Xe Audio Server | 2021-09-27 | 6.5 MEDIUM | 8.8 HIGH |
| The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory. | |||||
| CVE-2020-21481 | 1 Rgcms Project | 1 Rgcms | 2021-09-27 | 6.5 MEDIUM | 7.2 HIGH |
| An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | |||||
| CVE-2021-36581 | 1 Kooboo | 1 Kooboo Cms | 2021-09-24 | 7.5 HIGH | 9.8 CRITICAL |
| Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server. | |||||
| CVE-2020-20672 | 1 Kitesky | 1 Kitecms | 2021-09-23 | 6.8 MEDIUM | 7.8 HIGH |
| An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file. | |||||
| CVE-2020-20670 | 1 Zkea | 1 Zkeacms | 2021-09-23 | 6.8 MEDIUM | 8.8 HIGH |
| An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file. | |||||
| CVE-2021-24493 | 1 Ingenesis | 1 Shopp | 2021-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| The shopp_upload_file AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading to RCE | |||||
| CVE-2021-24490 | 1 Email Artillery Project | 1 Email Artillery | 2021-09-23 | 6.0 MEDIUM | 6.8 MEDIUM |
| The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denying access to everything in the folder the file is uploaded to, the malicious uploaded file will only be accessible on Web Servers such as Nginx/IIS | |||||
| CVE-2020-19267 | 1 Dswjcms Project | 1 Dswjcms | 2021-09-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | |||||
| CVE-2020-21564 | 1 Pluck-cms | 1 Pluck | 2021-09-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files. | |||||
| CVE-2021-24499 | 1 Amentotech | 1 Workreap | 2021-09-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts. | |||||
| CVE-2020-8260 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-09-21 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. | |||||
| CVE-2021-24376 | 1 Autoptimize | 1 Autoptimize | 2021-09-20 | 7.5 HIGH | 9.8 CRITICAL |
| The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracted folders are not checked and it is possible to upload a zip which contained a directory with PHP file in it and then it is not removed from the disk. It is a bypass of CVE-2020-24948 which allows sending a PHP file via the "Import Settings" functionality to achieve Remote Code Execution. | |||||
| CVE-2021-24370 | 1 Radykal | 1 Fancy Product Designer | 2021-09-20 | 7.5 HIGH | 9.8 CRITICAL |
| The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution. | |||||
| CVE-2021-34551 | 3 Fedoraproject, Microsoft, Phpmailer Project | 3 Fedora, Windows, Phpmailer | 2021-09-20 | 5.1 MEDIUM | 8.1 HIGH |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | |||||
| CVE-2020-19138 | 1 Dotcms | 1 Dotcms | 2021-09-15 | 10.0 HIGH | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java". | |||||
| CVE-2021-36440 | 1 Showdoc | 1 Showdoc | 2021-09-15 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'. | |||||
| CVE-2021-39608 | 1 Flatcore | 1 Flatcore-cms | 2021-09-14 | 9.0 HIGH | 7.2 HIGH |
| Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code. | |||||
| CVE-2021-27198 | 1 Visualware | 1 Myconnection Server | 2021-09-14 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. | |||||
| CVE-2019-6839 | 1 Schneider-electric | 8 Meg6260-0410, Meg6260-0410 Firmware, Meg6260-0415 and 5 more | 2021-09-14 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file. | |||||
| CVE-2021-38841 | 1 Simple Water Refilling Station Management System Project | 1 Simple Water Refilling Station Management System | 2021-09-13 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action. | |||||