Total
2510 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-32753 | 1 Itpison | 1 Omicard Edm | 2024-08-02 | 9.8 Critical |
OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service. | ||||
CVE-2023-32752 | 1 L7-networks | 2 Instantqos, Instantscan | 2024-08-02 | 9.8 Critical |
L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service. | ||||
CVE-2023-32686 | 1 Kiwitcms | 1 Kiwi Tcms | 2024-08-02 | 8.1 High |
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded. The upload validation checks were not robust enough which left the possibility of an attacker to circumvent them and upload a potentially dangerous file. Exploiting this flaw, a combination of files could be uploaded so that they work together to circumvent the existing Content-Security-Policy and allow execution of arbitrary JavaScript in the browser. This issue has been patched in version 12.3. | ||||
CVE-2023-32628 | 1 Advantech | 1 Webaccess\/scada | 2024-08-02 | 7.2 High |
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution. | ||||
CVE-2023-32689 | 1 Parseplatform | 1 Parse-server | 2024-08-02 | 6.3 Medium |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 5.4.4 and 6.1.1 are vulnerable to a phishing attack vulnerability that involves a user uploading malicious files. A malicious user could upload an HTML file to Parse Server via its public API. That HTML file would then be accessible at the internet domain at which Parse Server is hosted. The URL of the the uploaded HTML could be shared for phishing attacks. The HTML page may seem legitimate because it is served under the internet domain where Parse Server is hosted, which may be the same as a company's official website domain. An additional security issue arises when the Parse JavaScript SDK is used. The SDK stores sessions in the internet browser's local storage, which usually restricts data access depending on the internet domain. A malicious HTML file could contain a script that retrieves the user's session token from local storage and then share it with the attacker. The fix included in versions 5.4.4 and 6.1.1 adds a new Parse Server option `fileUpload.fileExtensions` to restrict file upload on Parse Server by file extension. It is recommended to restrict file upload for HTML file extensions, which this fix disables by default. If an app requires upload of files with HTML file extensions, the option can be set to `['.*']` or another custom value to override the default. | ||||
CVE-2023-32621 | 1 Wavlink | 2 Wl-wn531ax2, Wl-wn531ax2 Firmware | 2024-08-02 | 7.2 High |
WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege. | ||||
CVE-2024-36987 | 1 Splunk | 2 Cloud, Splunk | 2024-08-02 | 4.3 Medium |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint. | ||||
CVE-2023-32562 | 1 Ivanti | 1 Avalanche | 2024-08-02 | 9.8 Critical |
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1. | ||||
CVE-2023-32564 | 1 Ivanti | 1 Avalanche | 2024-08-02 | 9.8 Critical |
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution. | ||||
CVE-2023-32225 | 1 Sysaid | 1 Sysaid On-premises | 2024-08-02 | 9.8 Critical |
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method. | ||||
CVE-2023-31946 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-08-02 | 7.2 High |
File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | ||||
CVE-2023-31903 | 1 Freeguppy | 1 Guppy | 2024-08-02 | 9.8 Critical |
GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file. | ||||
CVE-2023-31941 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-08-02 | 7.2 High |
File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | ||||
CVE-2023-31857 | 1 Oretnom23 | 1 Online Computer And Laptop Store | 2024-08-02 | 9.8 Critical |
Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save. | ||||
CVE-2023-31689 | 1 Wcms | 1 Wcms | 2024-08-02 | 9.8 Critical |
In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute scripts to trigger command execution. | ||||
CVE-2023-31541 | 1 Ckeditor | 1 Ckeditor | 2024-08-02 | 9.8 Critical |
A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server. | ||||
CVE-2023-31505 | 1 Schlix | 1 Cms | 2024-08-02 | 7.2 High |
An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file. | ||||
CVE-2023-31428 | 1 Broadcom | 1 Brocade Fabric Operating System | 2024-08-02 | 5.5 Medium |
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep. | ||||
CVE-2023-31576 | 1 S9y | 1 Serendipity | 2024-08-02 | 8.8 High |
An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file. | ||||
CVE-2023-31231 | 1 Unlimited-elements | 1 Unlimited Elements For Elementor \(free Widgets\, Addons\, Templates\) | 2024-08-02 | 9.9 Critical |
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65. |