Total
1580 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23138 | 1 Microweber | 1 Microweber | 2020-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension. | |||||
| CVE-2020-26804 | 1 Sapplica | 1 Sentrifugo | 2020-11-17 | 6.5 MEDIUM | 8.8 HIGH |
| In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server. | |||||
| CVE-2020-26803 | 1 Sapplica | 1 Sentrifugo | 2020-11-17 | 6.5 MEDIUM | 8.8 HIGH |
| In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server. | |||||
| CVE-2020-24407 | 1 Magento | 1 Magento | 2020-11-12 | 9.0 HIGH | 9.1 CRITICAL |
| Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components. | |||||
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | |||||
| CVE-2020-15277 | 1 Basercms | 1 Basercms | 2020-11-03 | 6.5 MEDIUM | 7.2 HIGH |
| baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1. | |||||
| CVE-2020-27956 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2020-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root). | |||||
| CVE-2015-9228 | 1 Imagely | 1 Nextgen Gallery | 2020-10-29 | 9.0 HIGH | 8.8 HIGH |
| In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php. | |||||
| CVE-2020-26583 | 1 Sagedpw | 1 Sage Dpw | 2020-10-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persistently include arbitrary HTML or JavaScript code into the affected web page. The vulnerability can be used to change the contents of the displayed site, redirect to other sites, or steal user credentials. Additionally, users are potential victims of browser exploits and JavaScript malware. | |||||
| CVE-2020-3436 | 1 Cisco | 2 Adaptive Security Appliance, Firepower Threat Defense | 2020-10-26 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition. | |||||
| CVE-2019-1861 | 1 Cisco | 1 Industrial Network Director | 2020-10-16 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system using administrator privileges and uploading an arbitrary file. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. | |||||
| CVE-2020-15488 | 1 Re-desk | 1 Re\ | 2020-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| Re:Desk 2.3 allows insecure file upload. | |||||
| CVE-2020-26048 | 1 Cuppacms | 1 Cuppacms | 2020-10-14 | 6.5 MEDIUM | 8.8 HIGH |
| The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modify the image extension into PHP resulting in remote arbitrary code execution. | |||||
| CVE-2020-19672 | 1 Niushop | 1 Niushop | 2020-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell. | |||||
| CVE-2020-25763 | 1 Seat Reservation System Project | 1 Seat Reservation System | 2020-10-08 | 7.5 HIGH | 9.8 CRITICAL |
| Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files. | |||||
| CVE-2020-12715 | 1 Rainbowfishsoftware | 1 Pacsone Server | 2020-10-02 | 6.5 MEDIUM | 8.8 HIGH |
| RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | |||||
| CVE-2017-14123 | 1 Zohocorp | 1 Manageengine Firewall Analyzer | 2020-10-01 | 9.0 HIGH | 8.8 HIGH |
| Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by /itplus/FileStorage/302/shell.jsp. | |||||
| CVE-2020-25515 | 1 Simple Library Management System Project | 1 Simple Library Management System | 2020-09-30 | 4.6 MEDIUM | 7.8 HIGH |
| Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. | |||||
| CVE-2020-15839 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2020-09-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files. | |||||
| CVE-2020-25149 | 1 Observium | 1 Observium | 2020-09-29 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /device/device=345/?tab=health&metric=../ because of device/health.inc.php. | |||||