Total
2655 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9609 | 1 Ofcms Project | 1 Ofcms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/editUploadImage URI. | |||||
| CVE-2019-9608 | 1 Ofcms Project | 1 Ofcms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadImage URI. | |||||
| CVE-2019-9581 | 1 Twinkletoessoftware | 1 Booked | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension. | |||||
| CVE-2019-9572 | 1 Schoolcms | 1 Schoolcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\Home\1_Static.php because of mishandling in the Application\Admin\Controller\ThemeController.class.php Upload() function. | |||||
| CVE-2019-9189 | 1 Primasystems | 1 Flexair | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authenticated attacker to gain full system access. | |||||
| CVE-2019-9185 | 1 Boltcms | 1 Bolt | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension. | |||||
| CVE-2019-9181 | 1 Schoolcms | 1 Schoolcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SchoolCMS version 2.3.1 allows file upload via the logo upload feature at admin.php?m=admin&c=site&a=save by using the .jpg extension, changing the Content-Type to image/php, and placing PHP code after the JPEG data. This ultimately allows execution of arbitrary PHP code. | |||||
| CVE-2019-9050 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed. | |||||
| CVE-2019-9042 | 1 Sitemagic | 1 Sitemagic Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The maintainer states that this is not a vulnerability but a feature used in conjunction with External Modules | |||||
| CVE-2019-8992 | 1 Tibco | 5 Activematrix Bpm, Activematrix Policy Director, Activematrix Service Bus and 2 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains a vulnerability wherein a user without privileges to upload distributed application archives ("Upload DAA" permission) can theoretically upload arbitrary code, and in some circumstances then execute that code on ActiveMatrix Service Grid nodes. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, TIBCO ActiveMatrix Policy Director: versions up to and including 1.1.0, TIBCO ActiveMatrix Service Bus: versions up to and including 3.3.0, TIBCO ActiveMatrix Service Grid: versions up to and including 3.3.1, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric: versions up to and including 3.3.0, TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid: versions up to and including 1.3.1. | |||||
| CVE-2019-8942 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. | |||||
| CVE-2019-8933 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on New Template, and modifying the filename from ../index.html to ../index.php. | |||||
| CVE-2019-8433 | 1 Jtbc | 1 Jtbc Php | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file. | |||||
| CVE-2019-8404 | 1 Webiness Inventory Project | 1 Webiness Inventory | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages. | |||||
| CVE-2019-8394 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization. | |||||
| CVE-2019-8371 | 1 Open-emr | 1 Openemr | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| OpenEMR v5.0.1-6 allows code execution. | |||||
| CVE-2019-8362 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content). | |||||
| CVE-2019-8293 | 1 Abcprintf | 1 Upload-image-with-ajax | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution. | |||||
| CVE-2019-8140 | 1 Magento | 1 Magento | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file. | |||||
| CVE-2019-8114 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via crafted configuration archive file upload. | |||||