Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21481 | 1 Rgcms Project | 1 Rgcms | 2024-08-04 | 7.2 High |
| An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | ||||
| CVE-2020-21359 | 1 Maccms | 1 Maccms | 2024-08-04 | 9.8 Critical |
| An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name. | ||||
| CVE-2020-21325 | 1 Wuzhicms | 1 Wuzhicms | 2024-08-04 | 8.8 High |
| An issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache method of the function\common.func.php file. | ||||
| CVE-2020-21322 | 1 Feehi | 1 Feehicms | 2024-08-04 | 9.8 Critical |
| An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2020-20979 | 1 8cms | 1 Ljcms | 2024-08-04 | 9.8 Critical |
| An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code. | ||||
| CVE-2020-21174 | 1 Feehi | 1 Feehicms | 2024-08-04 | 9.8 Critical |
| File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function. | ||||
| CVE-2020-21005 | 1 Wellcms | 1 Wellcms | 2024-08-04 | 6.5 Medium |
| WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell. | ||||
| CVE-2020-20919 | 1 Pluck-cms | 1 Pluck | 2024-08-04 | 7.2 High |
| File upload vulnerability in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary code and access sensitive information via the theme.php file. | ||||
| CVE-2020-20718 | 1 Pluck-cms | 1 Pluckcms | 2024-08-04 | 9.8 Critical |
| File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the save_file() parameter. | ||||
| CVE-2020-20969 | 1 Pluck-cms | 1 Pluck | 2024-08-04 | 7.2 High |
| File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file. | ||||
| CVE-2020-20735 | 1 8cms | 1 Ljcms | 2024-08-04 | 9.8 Critical |
| File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter. | ||||
| CVE-2020-20672 | 1 Kitesky | 1 Kitecms | 2024-08-04 | 7.8 High |
| An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file. | ||||
| CVE-2020-20691 | 1 Monstra | 1 Monstra Cms | 2024-08-04 | 6.5 Medium |
| An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files. | ||||
| CVE-2020-20670 | 1 Zkea | 1 Zkeacms | 2024-08-04 | 8.8 High |
| An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file. | ||||
| CVE-2020-20588 | 1 Ibarn Project | 1 Ibarn | 2024-08-04 | 8.8 High |
| File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php. | ||||
| CVE-2020-20210 | 1 Bludit | 1 Bludit | 2024-08-04 | 8.8 High |
| Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images. | ||||
| CVE-2020-20092 | 1 Articlecms Project | 1 Articlecms | 2024-08-04 | 9.8 Critical |
| File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code. | ||||
| CVE-2020-20287 | 1 Yccms | 1 Yccms | 2024-08-04 | 9.8 Critical |
| Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution. | ||||
| CVE-2020-19802 | 1 Doyocms Project | 1 Doyocms | 2024-08-04 | 9.8 Critical |
| File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter. | ||||
| CVE-2020-20067 | 1 Ebcms | 1 Ebcms | 2024-08-04 | 8.8 High |
| File upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter. | ||||