Total
2604 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6839 | 1 Schneider-electric | 8 Meg6260-0410, Meg6260-0410 Firmware, Meg6260-0415 and 5 more | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file. | |||||
| CVE-2019-12971 | 1 G-u | 2 Bks Ebk Ethernet-buskoppler Pro, Bks Ebk Ethernet-buskoppler Pro Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type. | |||||
| CVE-2019-13979 | 1 Rangerstudio | 1 Directus 7 Api | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution. | |||||
| CVE-2019-4013 | 1 Ibm | 1 Bigfix Platform | 2024-02-28 | 9.0 HIGH | 9.9 CRITICAL |
| IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887. | |||||
| CVE-2019-13984 | 1 Rangerstudio | 1 Directus 7 Api | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| Directus 7 API before 2.3.0 does not validate uploaded files. Regardless of the file extension or MIME type, there is a direct link to each uploaded file, accessible by unauthenticated users, as demonstrated by the EICAR Anti-Virus Test File. | |||||
| CVE-2019-5395 | 1 Hp | 2 3par Service Processor, 3par Service Processor Firmware | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | |||||
| CVE-2017-18435 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
| cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238). | |||||
| CVE-2019-10647 | 1 Zzzcms | 1 Zzzphp | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if the 192.168.0.1 web server sends the contents of a .php file (i.e., it does not interpret a .php file). | |||||
| CVE-2019-9623 | 1 Fengoffice | 1 Feng Office | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php. | |||||
| CVE-2019-9581 | 1 Twinkletoessoftware | 1 Booked | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension. | |||||
| CVE-2018-19514 | 1 Ens | 1 Webgalamb | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval() expression in the subscriber.php file. | |||||
| CVE-2019-4056 | 1 Ibm | 10 Control Desk, Maximo Asset Management, Maximo For Aviation and 7 more | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565. | |||||
| CVE-2019-1010062 | 1 Pluck-cms | 1 Pluckcms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The component is: data/inc/images.php line36. The attack vector is: modify the MIME TYPE on HTTP request to upload a php file. The fixed version is: after commit 09f0ab871bf633973cfd9fc4fe59d4a912397cf8. | |||||
| CVE-2019-9608 | 1 Ofcms Project | 1 Ofcms | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadImage URI. | |||||
| CVE-2019-12803 | 1 Hunesion | 1 I-onenet | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell. After the webshell upload, an attacker can use the webshell to perform remote code exection such as running a system command. | |||||
| CVE-2019-14748 | 1 Osticket | 1 Osticket | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions. For example, a non-agent user can upload a .html file, and Content-Disposition will be set to inline instead of attachment. | |||||
| CVE-2019-11344 | 1 Pluck-cms | 1 Pluck | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked. | |||||
| CVE-2019-10012 | 2 Jenzabar, Tiny | 2 Internet Campus Solution, Moxiemanager | 2024-02-28 | 6.0 MEDIUM | 7.5 HIGH |
| Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. | |||||
| CVE-2016-10752 | 1 S9y | 1 Serendipity | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename. | |||||
| CVE-2019-16192 | 1 Doccms | 1 Doccms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive. | |||||