Total: 2499 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
---|---|---|---|---|---|
CVE-2019-9623 | 1 Fengoffice | 1 Feng Office | 2024-08-04 | N/A | Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php. |
CVE-2019-9642 | 1 Pydio | 1 Pydio | 2024-08-04 | N/A | An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it is possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a proxy.php?hash=../../../../../var/lib/pydio/data/personal/guest/PoC.php request. This is related to plugins/action.share/src/Store/ShareStore.php. |
CVE-2019-9692 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-08-04 | N/A | class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). |
CVE-2019-9581 | 1 Twinkletoessoftware | 1 Booked | 2024-08-04 | 8.8 High | phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension. |
CVE-2019-9185 | 1 Boltcms | 1 Bolt | 2024-08-04 | N/A | Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension. |
CVE-2019-9189 | 1 Primasystems | 1 Flexair | 2024-08-04 | N/A | Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed, and because they run as root rather than as the web server user, an authenticated attacker can gain full system access. |
CVE-2019-9181 | 1 Schoolcms | 1 Schoolcms | 2024-08-04 | N/A | SchoolCMS version 2.3.1 allows file upload via the logo upload feature at admin.php?m=admin&c=site&a=save by using the .jpg extension, changing the Content-Type to image/php, and placing PHP code after the JPEG data. This ultimately allows execution of arbitrary PHP code. |
CVE-2019-9050 | 1 Pluck-cms | 1 Pluck | 2024-08-04 | N/A | An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed. |
CVE-2019-8942 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2024-08-04 | N/A | WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. |
CVE-2019-8404 | 1 Webiness Inventory Project | 1 Webiness Inventory | 2024-08-04 | N/A | An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages. |
CVE-2019-8394 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2024-08-04 | N/A | Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization. |
CVE-2019-8371 | 1 Open-emr | 1 Openemr | 2024-08-04 | 7.2 High | OpenEMR v5.0.1-6 allows code execution. |
CVE-2019-8362 | 1 Dedecms | 1 Dedecms | 2024-08-04 | N/A | DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content). |
CVE-2019-8293 | 1 Abcprintf | 1 Upload-image-with-ajax | 2024-08-04 | 9.8 Critical | Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root, allowing code execution. |
CVE-2019-8140 | 1 Magento | 1 Magento | 2024-08-04 | 4.9 Medium | An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform an uploaded JPEG file into a PHP file. |
CVE-2019-8114 | 1 Magento | 1 Magento | 2024-08-04 | 7.2 High | A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via a crafted configuration archive file upload. |
CVE-2019-8093 | 1 Magento | 1 Magento | 2024-08-04 | 8.8 High | An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage the file upload controller for downloadable products to read or delete arbitrary files. |
CVE-2019-7930 | 1 Magento | 1 Magento | 2024-08-04 | N/A | A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal of file upload restrictions. This can result in arbitrary code execution when a malicious file is then uploaded and executed on the system. |
CVE-2019-7912 | 1 Magento | 1 Magento | 2024-08-04 | N/A | A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit configuration keys to remove file extension filters, potentially resulting in the malicious upload and execution of malicious files on the server. |
CVE-2019-7861 | 1 Magento | 1 Magento | 2024-08-04 | N/A | Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. |