Total: 2498 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 | Description
---|---|---|---|---|---
CVE-2024-39865 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-09-09 | 8.8 High | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker with access to the backup encryption key to upload malicious files, which could potentially lead to remote code execution.
CVE-2024-7620 | 1 The Beaver Builder Team | 1 Customizer Export/Import | 2024-09-09 | 6.6 Medium | The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. NOTE: This vulnerability is only exploitable when used in conjunction with a race condition, as the uploaded file is deleted shortly after it is created.
CVE-2022-40471 | 1 Oretnom23 | 1 Clinic's Patient Management System | 2024-09-07 | 9.8 Critical | Remote Code Execution in Clinic's Patient Management System v 1.0 allows an attacker to upload an arbitrary PHP webshell via the profile picture upload functionality in users.php.
CVE-2022-2297 | 1 Oretnom23 | 1 Clinic's Patient Management System | 2024-09-07 | 6.3 Medium | A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input `<?php phpinfo();?>` leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-5008 | 1 Progress | 1 Whatsup Gold | 2024-09-06 | 8.8 High | In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE using Apm.UI.Areas.APM.Controllers.Api.Applications.AppProfileImportController.
CVE-2024-8164 | 1 Beikeshop | 2 Beikeshop, Chengdu Everbrite Network Technology | 2024-09-06 | 6.3 Medium | A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function rename of the file /Admin/Http/Controllers/FileManagerController.php. The manipulation of the argument new_name leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-42803 | 1 Bigbluebutton | 1 Bigbluebutton | 2024-09-06 | 5.3 Medium | BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds.
CVE-2024-31777 | | | 2024-09-06 | 9.8 Critical | File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
CVE-2024-7694 | 1 Teamt5 | 1 Threatsonar Anti-ransomware | 2024-09-06 | 7.2 High | ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.
CVE-2024-6280 | 1 Oretnom23 | 1 Simple Online Bidding System | 2024-09-06 | 6.3 Medium | A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269493 was assigned to this vulnerability.
CVE-2024-45076 | 2 Ibm, Softwareag | 2 Webmethods Integration, Webmethods | 2024-09-06 | 9.9 Critical | IBM webMethods Integration 10.15 could allow an authenticated user to upload arbitrary files that could then be executed on the underlying operating system.
CVE-2024-43249 | 1 Bitapps | 2 Bit Form, Bit Form Pro | 2024-09-06 | 9.9 Critical | Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection. This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2023-40050 | 1 Chef | 1 Automate | 2024-09-06 | 9.9 Critical | Uploading a profile, either through the API or the user interface, in Chef Automate prior to and including version 4.10.29 using the InSpec check command with a maliciously crafted profile allows remote code execution.
CVE-2024-45171 | 1 Za-internet | 1 C-mor Video Surveillance | 2024-09-06 | 8.8 High | An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user input validation, it is possible to upload dangerous files, for instance PHP code, to the C-MOR system. By analyzing the C-MOR web interface, it was found that the upload functionality for backup files allows an authenticated user to upload arbitrary files. The only condition is that the filename contains a .cbkf string. Therefore, webshell.cbkf.php is considered a valid file name for the C-MOR web application. Uploaded files are stored within the directory "/srv/www/backups" on the C-MOR system, and can thus be accessed via the URL https://<HOST>/backup/upload_<FILENAME>. Due to broken access control, low-privileged authenticated users can also use this file upload functionality.
CVE-2023-1713 | 1 Bitrix24 | 1 Bitrix24 | 2024-09-05 | 8.8 High | Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file.
CVE-2023-1720 | 1 Bitrix24 | 1 Bitrix24 | 2024-09-05 | 9.6 Critical | Lack of a MIME type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile.
CVE-2024-40645 | 1 Fogproject | 1 Fogproject | 2024-09-05 | 8.8 High | FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120 pixels high. Apart from that, there are no checks on things like file extensions. This can be abused by appending a PHP webshell to the end of the image and changing the extension to anything the PHP web server will parse. This vulnerability is fixed in 1.5.10.41.
CVE-2024-6945 | 1 Flute-cms | 1 Flute | 2024-09-05 | 6.3 Medium | A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument avatar leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272067.
CVE-2023-41725 | 1 Ivanti | 1 Avalanche | 2024-09-05 | 7.8 High | Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability.
CVE-2023-41357 | 1 Gss | 1 Vitals Enterprise Social Platform | 2024-09-05 | 8.8 High | Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal; it has insufficient filtering and validation during file upload. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts in arbitrary directories to perform arbitrary system operations or disrupt service.