Total
1580 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12185 | 1 Elabftw | 1 Elabftw | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. | |||||
| CVE-2019-13294 | 1 Arox | 1 School-erp | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. | |||||
| CVE-2019-14467 | 1 Infoway | 1 Social Photo Gallery | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked. | |||||
| CVE-2019-16192 | 1 Doccms | 1 Doccms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive. | |||||
| CVE-2020-22722 | 2 Microsoft, Rapidscada | 2 Windows, Rapid Scada | 2020-08-21 | 7.2 HIGH | 7.8 HIGH |
| Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing the binary as NT AUTHORITY\SYSTEM in a Windows operating system. For example, an attacker can plant a reverse shell from a low privileged user account and by restarting the computer, the malicious service will be started as NT AUTHORITY\SYSTEM by giving the attacker full system access to the remote PC. | |||||
| CVE-2020-22721 | 1 Pnotes.net Project | 1 Pnotes.net | 2020-08-21 | 4.6 MEDIUM | 7.8 HIGH |
| A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program. | |||||
| CVE-2020-17462 | 1 Cmsmadesimple | 1 Cms Made Simple | 2020-08-19 | 6.5 MEDIUM | 7.8 HIGH |
| CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798. | |||||
| CVE-2020-7302 | 1 Mcafee | 1 Data Loss Prevention | 2020-08-18 | 5.5 MEDIUM | 6.4 MEDIUM |
| Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking. | |||||
| CVE-2020-6293 | 1 Sap | 1 Netweaver Knowledge Management | 2020-08-13 | 6.4 MEDIUM | 6.5 MEDIUM |
| SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access control lists and other upload file size restrictions, leading to Unrestricted File Upload. | |||||
| CVE-2020-15649 | 2 Google, Mozilla | 2 Android, Firefox Esr | 2020-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11. | |||||
| CVE-2020-17452 | 1 Flatcore | 1 Flatcore | 2020-08-10 | 9.0 HIGH | 7.2 HIGH |
| flatCore before 1.5.7 allows upload and execution of a .php file by an admin. | |||||
| CVE-2017-1000194 | 1 Octobercms | 1 October | 2020-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server. | |||||
| CVE-2017-1000119 | 1 Octobercms | 1 October | 2020-08-03 | 6.5 MEDIUM | 7.2 HIGH |
| October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server. | |||||
| CVE-2020-14488 | 1 Freemedsoftware | 1 Openclinic Ga | 2020-07-29 | 9.0 HIGH | 8.8 HIGH |
| OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system. | |||||
| CVE-2020-9309 | 1 Silverstripe | 2 Mimevalidator, Recipe | 2020-07-24 | 6.8 MEDIUM | 8.8 HIGH |
| Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are allowed by default for authorised users only, but can also be enabled through custom logic as well as modules such as silverstripe/userforms. Sites using the previously optional silverstripe/mimevalidator module can configure MIME whitelists rather than extension whitelists, and hence prevent this issue. Sites on the Common Web Platform (CWP) use this module by default, and are not affected. | |||||
| CVE-2019-12409 | 2 Apache, Linux | 2 Solr, Linux Kernel | 2020-07-23 | 7.5 HIGH | 9.8 CRITICAL |
| The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. | |||||
| CVE-2020-14066 | 1 Icewarp | 1 Mail Server | 2020-07-22 | 6.5 MEDIUM | 8.8 HIGH |
| IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. | |||||
| CVE-2020-14065 | 1 Icewarp | 1 Mail Server | 2020-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. | |||||
| CVE-2020-12854 | 1 Seczetta | 1 Neprofile | 2020-07-22 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar. | |||||
| CVE-2020-1469 | 1 Microsoft | 1 Bond | 2020-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists when the .NET implementation of Bond improperly parses input, aka 'Bond Denial of Service Vulnerability'. | |||||