Total
2765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12846 | 1 Synacor | 1 Zimbra Collaboration Suite | 2020-06-05 | 6.0 MEDIUM | 8.0 HIGH |
| Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox as an avatar image for a contact. A user will receive a "Corrupt File" error, but the file is still uploaded and stored locally in /opt/zimbra/data/tmp/upload/, leaving it open to possible remote execution. | |||||
| CVE-2020-12828 | 1 Pango | 1 Virtual Private Network Software Development Kit | 2020-06-02 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges. | |||||
| CVE-2018-19355 | 2 Mypresta, Prestashop | 2 Customer Files Upload, Prestashop | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). | |||||
| CVE-2020-1112 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-05-29 | 9.0 HIGH | 9.9 CRITICAL |
| An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | |||||
| CVE-2020-11108 | 1 Pi-hole | 1 Pi-hole | 2020-05-27 | 9.0 HIGH | 8.8 HIGH |
| The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh. | |||||
| CVE-2020-13442 | 1 Dext5 | 1 Dext5 | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. | |||||
| CVE-2020-1102 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2020-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024. | |||||
| CVE-2020-1023 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2020-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102. | |||||
| CVE-2020-1024 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2020-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102. | |||||
| CVE-2020-13384 | 1 Monstra | 1 Monstra | 2020-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. | |||||
| CVE-2020-13241 | 1 Microweber | 1 Microweber | 2020-05-22 | 7.2 HIGH | 7.8 HIGH |
| Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file. | |||||
| CVE-2020-11807 | 1 Sourcefabric | 1 Newscoop | 2020-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path. | |||||
| CVE-2020-12255 | 1 Rconfig | 1 Rconfig | 2020-05-19 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. | |||||
| CVE-2020-13128 | 1 Gwtupload Project | 1 Gwtupload | 2020-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. | |||||
| CVE-2020-12252 | 1 Gigamon | 1 Gigavue | 2020-05-18 | 6.0 MEDIUM | 6.2 MEDIUM |
| An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter. | |||||
| CVE-2020-5577 | 1 Sixapart | 1 Movable Type | 2020-05-15 | 6.5 MEDIUM | 8.8 HIGH |
| Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors. | |||||
| CVE-2020-5880 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2020-05-07 | 5.5 MEDIUM | 7.1 HIGH |
| Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. | |||||
| CVE-2017-15990 | 1 Savsofteproducts | 1 Phpinventory | 2020-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/. | |||||
| CVE-2020-11943 | 1 Opmantek | 1 Open-audit | 2020-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload. | |||||
| CVE-2020-11817 | 1 Rukovoditel | 1 Rukovoditel | 2020-05-05 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting. | |||||