Total
1580 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12377 | 1 Ivanti | 1 Landesk Management Suite | 2019-06-04 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution. | |||||
| CVE-2019-12150 | 1 Karamasoft | 1 Ultimateeditor | 2019-05-30 | 7.5 HIGH | 9.8 CRITICAL |
| Karamasoft UltimateEditor 1 does not ensure that an uploaded file is an image or document (neither file types nor extensions are restricted). The attacker must use the Attach icon to perform an upload. An uploaded file is accessible under the UltimateEditorInclude/UserFiles/ URI. | |||||
| CVE-2016-10751 | 1 Osclass | 1 Osclass | 2019-05-29 | 6.5 MEDIUM | 7.2 HIGH |
| osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload. | |||||
| CVE-2016-10752 | 1 S9y | 1 Serendipity | 2019-05-29 | 7.5 HIGH | 9.8 CRITICAL |
| serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename. | |||||
| CVE-2016-10758 | 1 Phpkit | 1 Phpkit | 2019-05-29 | 6.5 MEDIUM | 8.8 HIGH |
| PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter. | |||||
| CVE-2019-9951 | 1 Western Digital | 15 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 12 more | 2019-05-28 | 7.5 HIGH | 9.8 CRITICAL |
| Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page web/jquery/uploader/uploadify.php can be accessed without any credentials, and allows uploading arbitrary files to any location on the attached storage. | |||||
| CVE-2018-19612 | 1 Westermo | 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more | 2019-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. | |||||
| CVE-2017-11561 | 1 Zohocorp | 1 Manageengine Opmanager | 2019-05-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell. | |||||
| CVE-2019-6513 | 1 Wso2 | 1 Api Manager | 2019-05-23 | 5.5 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one. | |||||
| CVE-2018-19550 | 1 Interspire | 1 Email Marketer | 2019-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI. | |||||
| CVE-2019-8404 | 1 Webiness Inventory Project | 1 Webiness Inventory | 2019-05-22 | 5.5 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages. | |||||
| CVE-2019-11887 | 1 Simplybook | 1 Simplybook | 2019-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| SimplyBook.me through 2019-05-11 does not properly restrict File Upload which could allow remote code execution. | |||||
| CVE-2018-19789 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2019-05-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution. | |||||
| CVE-2018-4063 | 1 Sierrawireless | 2 Airlink Es450, Airlink Es450 Firmware | 2019-05-07 | 9.0 HIGH | 8.8 HIGH |
| An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2019-11028 | 1 Gatship | 1 Web Module | 2019-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx". | |||||
| CVE-2019-11615 | 1 Doorgets | 1 Doorgets Cms | 2019-05-01 | 6.5 MEDIUM | 8.8 HIGH |
| /fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server. | |||||
| CVE-2019-11568 | 1 Aikcms | 1 Aikcms | 2019-04-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type. | |||||
| CVE-2017-14521 | 1 Wondercms | 1 Wondercms | 2019-04-26 | 6.5 MEDIUM | 8.8 HIGH |
| In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload. | |||||
| CVE-2019-11446 | 1 Atutor | 1 Atutor | 2019-04-26 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase (and thus .phP is a bypass), and omits .shtml and .phtml. | |||||
| CVE-2016-7443 | 1 Exponentcms | 1 Exponent Cms | 2019-04-25 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location." | |||||