Total
2503 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-37920 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37918 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37931 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37924 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37929 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37930 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37926 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37923 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37741 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 8.8 High |
| ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. | ||||
| CVE-2021-37928 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37921 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37919 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37770 | 1 Nucleuscms | 1 Nucleus Cms | 2024-08-04 | 7.2 High |
| Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with shell, treat it as PHP, execute commands, so as to take down website resources. | ||||
| CVE-2021-37762 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution. | ||||
| CVE-2021-37761 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution. | ||||
| CVE-2021-37608 | 1 Apache | 1 Ofbiz | 2024-08-04 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297. | ||||
| CVE-2021-37539 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-08-04 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. | ||||
| CVE-2021-37194 | 1 Siemens | 1 Comos | 2024-08-04 | 7.5 High |
| A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS allows to upload and store arbitrary files at the webserver. This could allow an attacker to store malicious files. | ||||
| CVE-2021-37444 | 1 Nchsoftware | 1 Ivm Attendant | 2024-08-04 | 8.8 High |
| NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt Autodial function. | ||||
| CVE-2021-37372 | 1 Online Student Admission System Project | 1 Online Student Admission System | 2024-08-04 | 8.8 High |
| Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution. | ||||