Total
2655 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15137 | 1 Cela Link | 2 Clr-m20, Clr-m20 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method. | |||||
| CVE-2018-14911 | 1 Ukcms | 1 Ukcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A file upload vulnerability exists in ukcms v1.1.7 and earlier. The vulnerability is due to the system not strictly filtering the file upload type. An attacker can exploit the vulnerability to upload a script Trojan to admin.php/admin/configset/index/group/upload.html to gain server control by composing a request for a .txt upload and then changing it to a .php upload. The attacker must have admin access to change the upload_file_ext (aka "Allow upload file suffix") setting, and must use "php,php" in this setting to bypass the "php" restriction. | |||||
| CVE-2018-14857 | 1 Ocsinventory-ng | 1 Ocs Inventory Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted. | |||||
| CVE-2018-14570 | 1 Niushop | 1 B2b2c Multi-business | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content. This results in arbitrary code execution by requesting that .php file. | |||||
| CVE-2018-14441 | 1 Ssh Companywebsite Project | 1 Ssh Companywebsite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type. | |||||
| CVE-2018-14334 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file upload because detection of a prohibited file extension simply sets the $errm value, and does not otherwise alter the flow of control. Consequently, one can upload and execute a .php file, a similar issue to CVE-2018-8766. | |||||
| CVE-2018-14028 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins. | |||||
| CVE-2018-13981 | 1 Zeta-producer | 1 Zeta Producer Desktop Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related to /assets/php/formmailer/SendEmail.php and /assets/php/formmailer/functions.php. | |||||
| CVE-2018-13038 | 1 Opendesa | 1 Opensid | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type. | |||||
| CVE-2018-13024 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. | |||||
| CVE-2018-13021 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI. | |||||
| CVE-2018-12980 | 1 Wago | 8 762-3000, 762-3000 Firmware, 762-3001 and 5 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server. | |||||
| CVE-2018-12940 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to upload a malicious file containing PHP code to execute operating system commands to the web root of the application. | |||||
| CVE-2018-12914 | 1 Publiccms | 1 Publiccms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI. | |||||
| CVE-2018-12528 | 1 Intex | 2 N150, N150 Firmware | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability, an attacker can upload any malicious file and force reboot the router with it. | |||||
| CVE-2018-12519 | 1 Codenx | 1 Shopnx | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials. | |||||
| CVE-2018-12491 | 1 Phpok | 1 Phpok | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944. | |||||
| CVE-2018-12468 | 1 Microfocus | 1 Groupwise | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In certain circumstances this could result in remote code execution. | |||||
| CVE-2018-12426 | 1 3cx | 1 Live Chat | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type. | |||||
| CVE-2018-12263 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. | |||||