Vulnerabilities (CVE)

Filtered by CWE-434
Total 2604 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2297 1 Oretnom23 1 Clinic\'s Patient Management System 2024-09-07 6.5 MEDIUM 8.8 HIGH
A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-40471 1 Oretnom23 1 Clinic\'s Patient Management System 2024-09-07 N/A 9.8 CRITICAL
Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php
CVE-2024-5008 1 Progress 1 Whatsup Gold 2024-09-06 N/A 8.8 HIGH
In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE usingĀ Apm.UI.Areas.APM.Controllers.Api.Applications.AppProfileImportController.
CVE-2024-31680 2024-09-06 N/A 8.8 HIGH
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php component.
CVE-2024-8164 1 Beikeshop 1 Beikeshop 2024-09-06 6.5 MEDIUM 8.8 HIGH
A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function rename of the file /Admin/Http/Controllers/FileManagerController.php. The manipulation of the argument new_name leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-31777 2024-09-06 N/A 9.8 CRITICAL
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
CVE-2024-7694 1 Teamt5 1 Threatsonar Anti-ransomware 2024-09-06 N/A 7.2 HIGH
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
CVE-2024-6280 1 Oretnom23 1 Simple Online Bidding System 2024-09-06 6.5 MEDIUM 9.8 CRITICAL
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269493 was assigned to this vulnerability.
CVE-2024-45076 1 Ibm 1 Webmethods Integration 2024-09-06 N/A 9.9 CRITICAL
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.
CVE-2024-43249 1 Bitapps 1 Bit Form 2024-09-06 N/A 8.8 HIGH
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-45171 2024-09-05 N/A 8.8 HIGH
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user input validation, it is possible to upload dangerous files, for instance PHP code, to the C-MOR system. By analyzing the C-MOR web interface, it was found out that the upload functionality for backup files allows an authenticated user to upload arbitrary files. The only condition is that the filename contains a .cbkf string. Therefore, webshell.cbkf.php is considered a valid file name for the C-MOR web application. Uploaded files are stored within the directory "/srv/www/backups" on the C-MOR system, and can thus be accessed via the URL https://<HOST>/backup/upload_<FILENAME>. Due to broken access control, low-privileged authenticated users can also use this file upload functionality.
CVE-2024-40645 1 Fogproject 1 Fogproject 2024-09-05 N/A 8.8 HIGH
FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120 pixels high. Apart from that, there are no checks on things like file extensions. This can be abused by appending a PHP webshell to the end of the image and changing the extension to anything the PHP web server will parse. This vulnerability is fixed in 1.5.10.41.
CVE-2024-6945 1 Flute-cms 1 Flute 2024-09-05 6.5 MEDIUM 9.8 CRITICAL
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument avatar leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272067.
CVE-2023-41725 1 Ivanti 1 Avalanche 2024-09-05 N/A 7.8 HIGH
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
CVE-2023-33480 1 Remoteclinic 1 Remote Clinic 2024-09-05 N/A 8.8 HIGH
RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by a lack of input validation and access control in the staff/register.php endpoint and the edit-my-profile.php page. By sending a series of specially crafted requests to the RemoteClinic application, an attacker can create admin users with more privileges than their own, upload a PHP file containing arbitrary code, and execute arbitrary commands via the PHP shell.
CVE-2024-8330 1 6shr System Project 1 6shr System 2024-09-05 N/A 8.8 HIGH
6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scripts and use them to execute arbitrary system commands on the server.
CVE-2023-6140 1 G5plus 1 Essential Real Estate 2024-09-04 N/A 8.8 HIGH
The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited privileges on the site, like subscribers, from momentarily uploading malicious PHP files disguised as ZIP archives, which may lead to remote code execution.
CVE-2024-8342 1 Nelzkie15 1 Petshop Management System 2024-09-04 6.5 MEDIUM 8.8 HIGH
A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/add_client.php. The manipulation of the argument image_profile leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-8341 1 Nelzkie15 1 Pet Shop Management System 2024-09-04 6.5 MEDIUM 9.8 CRITICAL
A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/add_user.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-6756 1 Wpwebinfotech 1 Social Auto Poster 2024-09-03 N/A 8.8 HIGH
The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpw_auto_poster_get_image_path' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. An attacker can use CVE-2024-6754 to exploit with subscriber-level access.