Total
2497 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-31286 | 2024-08-02 | 9.9 Critical | ||
Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005. | ||||
CVE-2024-31292 | 1 Wordpress | 1 Import Xml And Rss Feeds Plugin | 2024-08-02 | 7.2 High |
Unrestricted Upload of File with Dangerous Type vulnerability in Moove Agency Import XML and RSS Feeds.This issue affects Import XML and RSS Feeds: from n/a through 2.1.5. | ||||
CVE-2024-31214 | 1 Traccar | 1 Traccar | 2024-08-02 | 9.7 Critical |
Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file contents, full control over the directory where the file is stored, full control over the file extension, and partial control over the file name. While it's not for an attacker to overwrite an existing file, an attacker can create new files with certain names and attacker-controlled extensions anywhere on the file system. This can potentially lead to remote code execution, XSS, DOS, etc. The default install of Traccar makes this vulnerability more severe. Self-registration is enabled by default, allowing anyone to create an account to exploit this vulnerability. Traccar also runs by default with root/system privileges, allowing files to be placed anywhere on the file system. Version 6.0 contains a fix for the issue. One may also turn off self-registration by default, as that would make most vulnerabilities in the application much harder to exploit by default and reduce the severity considerably. | ||||
CVE-2024-31210 | 1 Wordpress | 1 Wordpress-develop | 2024-08-02 | 7.7 High |
WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins -> Add New -> Upload Plugin screen in WordPress. If FTP credentials are requested for installation (in order to move the file into place outside of the `uploads` directory) then the uploaded file remains temporary available in the Media Library despite it not being allowed. If the `DISALLOW_FILE_EDIT` constant is set to `true` on the site _and_ FTP credentials are required when uploading a new theme or plugin, then this technically allows an RCE when the user would otherwise have no means of executing arbitrary PHP code. This issue _only_ affects Administrator level users on single site installations, and Super Admin level users on Multisite installations where it's otherwise expected that the user does not have permission to upload or execute arbitrary PHP code. Lower level users are not affected. Sites where the `DISALLOW_FILE_MODS` constant is set to `true` are not affected. Sites where an administrative user either does not need to enter FTP credentials or they have access to the valid FTP credentials, are not affected. The issue was fixed in WordPress 6.4.3 on January 30, 2024 and backported to versions 6.3.3, 6.2.4, 6.1.5, 6.0.7, 5.9.9, 5.8.9, 5.7.11, 5.6.13, 5.5.14, 5.4.15, 5.3.17, 5.2.20, 5.1.18, 5.0.21, 4.9.25, 2.8.24, 4.7.28, 4.6.28, 4.5.31, 4.4.32, 4.3.33, 4.2.37, and 4.1.40. A workaround is available. If the `DISALLOW_FILE_MODS` constant is defined as `true` then it will not be possible for any user to upload a plugin and therefore this issue will not be exploitable. | ||||
CVE-2024-31115 | 2024-08-02 | 10 Critical | ||
Unrestricted Upload of File with Dangerous Type vulnerability in QuanticaLabs Chauffeur Taxi Booking System for WordPress.This issue affects Chauffeur Taxi Booking System for WordPress: from n/a through 7.2. | ||||
CVE-2024-31012 | 2024-08-02 | 9.8 Critical | ||
An issue was discovered in SEMCMS v.4.8, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the upload.php file. | ||||
CVE-2024-30500 | 2024-08-02 | 9.9 Critical | ||
Unrestricted Upload of File with Dangerous Type vulnerability in CubeWP CubeWP – All-in-One Dynamic Content Framework.This issue affects CubeWP – All-in-One Dynamic Content Framework: from n/a through 1.1.12. | ||||
CVE-2024-29891 | 2024-08-02 | 8.7 High | ||
ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image in the browser, where a session in ZITADEL needs to be active for this exploit to work. The exploit could only be reproduced if the victim was using Firefox. Chrome, Safari as well as Edge did not execute the code. This vulnerability is fixed in 2.48.3, 2.47.8, 2.46.5, 2.45.5, 2.44.7, 2.43.11, and 2.42.17. | ||||
CVE-2024-29661 | 2024-08-02 | 9.8 Critical | ||
A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload. | ||||
CVE-2024-29272 | 1 Givanz | 1 Vvvebjs | 2024-08-02 | 6.5 Medium |
Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php. | ||||
CVE-2024-29135 | 2024-08-02 | 9.9 Critical | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Tourfic.This issue affects Tourfic: from n/a through 2.11.15. | ||||
CVE-2024-29100 | 2024-08-02 | 9.1 Critical | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4. | ||||
CVE-2024-28520 | 2024-08-02 | 6.5 Medium | ||
File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the uploadfile.php component. | ||||
CVE-2024-28269 | 1 Recrystallize Software | 1 Recrystallive Server | 2024-08-02 | 7.2 High |
ReCrystallize Server 5.10.0.0 allows administrators to upload files to the server. The file upload is not restricted, leading to the ability to upload of malicious files. This could result in a Remote Code Execution. | ||||
CVE-2024-28147 | 2024-08-02 | 7.4 High | ||
An authenticated user can upload arbitrary files in the upload function for collection preview images. An attacker may upload an HTML file that includes malicious JavaScript code which will be executed if a user visits the direct URL of the collection preview image (Stored Cross Site Scripting). It is also possible to upload SVG files that include nested XML entities. Those are parsed when a user visits the direct URL of the collection preview image, which may be utilized for a Denial of Service attack. This issue affects edu-sharing: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19. | ||||
CVE-2024-27951 | 1 Themeisle | 1 Multiple Page Generator | 2024-08-02 | 9.1 Critical |
Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | ||||
CVE-2024-27311 | 1 Zohocorp | 1 Manageengine Ddi Central | 2024-08-02 | 5.5 Medium |
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder. | ||||
CVE-2024-25869 | 2024-08-01 | 8.8 High | ||
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component. | ||||
CVE-2024-25623 | 2024-08-01 | 8.5 High | ||
Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.2.7, 4.1.15, 4.0.15, and 3.5.19, when fetching remote statuses, Mastodon doesn't check that the response from the remote server has a `Content-Type` header value of the Activity Streams media type, which allows a threat actor to upload a crafted Activity Streams document to a remote server and make a Mastodon server fetch it, if the remote server accepts arbitrary user uploads. The vulnerability allows a threat actor to impersonate an account on a remote server that satisfies all of the following properties: allows the attacker to register an account; accepts arbitrary user-uploaded documents and places them on the same domain as the ActivityPub actors; and serves user-uploaded document in response to requests with an `Accept` header value of the Activity Streams media type. Versions 4.2.7, 4.1.15, 4.0.15, and 3.5.19 contain a fix for this issue. | ||||
CVE-2024-24809 | 2024-08-01 | 8.5 High | ||
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnerability to upload files with the prefix `device.` under any folder. Attackers can use this vulnerability for phishing, cross-site scripting attacks, and potentially execute arbitrary commands on the server. Version 6.0 contains a patch for the issue. |