Total
2765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6823 | 1 Davidlingren | 1 Media Library Assistant | 2025-02-07 | N/A | N/A |
| The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation involving the mla-inline-edit-upload-scripts AJAX action in all versions up to, and including, 3.18. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2024-7484 | 1 Crmperks | 1 Crm Perks Forms | 2025-02-07 | N/A | N/A |
| The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'handle_uploaded_files' function in versions up to, and including, 1.1.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2025-0582 | 1 Angeljudesuarez | 1 Tailoring Management System | 2025-02-07 | N/A | 7.2 HIGH |
| A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigphoto leads to unrestricted upload. The attack can be initiated remotely. | |||||
| CVE-2024-3962 | 1 Themeisle | 1 Product Addons \& Fields For Woocommerce | 2025-02-07 | N/A | N/A |
| The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires the PPOM Pro plugin to be installed along with a WooCommerce product that contains a file upload field to retrieve the correct nonce. | |||||
| CVE-2023-29621 | 1 Purchase Order Management Project | 1 Purchase Order Management | 2025-02-06 | N/A | 8.8 HIGH |
| Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | |||||
| CVE-2023-29627 | 1 Online Pizza Ordering Project | 1 Online Pizza Ordering | 2025-02-06 | N/A | 8.8 HIGH |
| Online Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | |||||
| CVE-2022-34128 | 1 Glpi-project | 1 Positions | 2025-02-06 | N/A | 9.8 CRITICAL |
| The Cartography (aka positions) plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php. | |||||
| CVE-2024-27943 | 1 Siemens | 1 Ruggedcom Crossbow | 2025-02-06 | N/A | 7.2 HIGH |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution. | |||||
| CVE-2024-27944 | 1 Siemens | 1 Ruggedcom Crossbow | 2025-02-06 | N/A | 7.2 HIGH |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution. | |||||
| CVE-2024-27945 | 1 Siemens | 1 Ruggedcom Crossbow | 2025-02-06 | N/A | 7.2 HIGH |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution. | |||||
| CVE-2024-2667 | 1 Instawp | 1 Instawp Connect | 2025-02-06 | N/A | N/A |
| The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for unauthenticated attackers to upload arbitrary files. | |||||
| CVE-2023-27755 | 1 71note | 1 Go-bbs | 2025-02-06 | N/A | 8.8 HIGH |
| go-bbs v1 was discovered to contain an arbitrary file download vulnerability via the component /api/v1/download. | |||||
| CVE-2017-12617 | 6 Apache, Canonical, Debian and 3 more | 58 Tomcat, Ubuntu Linux, Debian Linux and 55 more | 2025-02-06 | 6.8 MEDIUM | 8.1 HIGH |
| When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | |||||
| CVE-2024-25636 | 1 Misskey | 1 Misskey | 2025-02-05 | N/A | 8.8 HIGH |
| Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a `Content-Type` header value of the Activity Streams media type, which allows a threat actor to upload a crafted Activity Streams document to a remote server and make a Misskey instance fetch it, if the remote server accepts arbitrary user uploads. The vulnerability allows a threat actor to impersonate and take over an account on a remote server that satisfies all of the following properties: allows the threat actor to register an account; accepts arbitrary user-uploaded documents and places them on the same domain as legitimate Activity Streams actors; and serves user-uploaded document in response to requests with an `Accept` header value of the Activity Streams media type. Version 2024.2.0 contains a patch for the issue. | |||||
| CVE-2024-1468 | 1 Theme-fusion | 1 Avada | 2025-02-05 | N/A | N/A |
| The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2025-1028 | 2025-02-05 | N/A | 8.1 HIGH | ||
| The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the contact form upload feature in all versions up to, and including, 8.6.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible in specific configurations where the first extension is processed over the final. This vulnerability also requires successfully exploiting a race condition in order to exploit. | |||||
| CVE-2023-2245 | 1 Hansuncms Project | 1 Hansuncms | 2025-02-04 | N/A | 6.3 MEDIUM |
| A vulnerability was found in hansunCMS 1.4.3. It has been declared as critical. This vulnerability affects unknown code of the file /ueditor/net/controller.ashx?action=catchimage. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-227230 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-25277 | 1 Drupal | 1 Drupal | 2025-02-03 | N/A | 7.2 HIGH |
| Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010). However, the protections for these two vulnerabilities previously did not work correctly together. As a result, if the site were configured to allow the upload of files with an htaccess extension, these files' filenames would not be properly sanitized. This could allow bypassing the protections provided by Drupal core's default .htaccess files and possible remote code execution on Apache web servers. This issue is mitigated by the fact that it requires a field administrator to explicitly configure a file field to allow htaccess as an extension (a restricted permission), or a contributed module or custom code that overrides allowed file uploads. | |||||
| CVE-2023-30266 | 1 Cltphp | 1 Cltphp | 2025-02-03 | N/A | 8.8 HIGH |
| CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. | |||||
| CVE-2023-29721 | 1 Sofawiki Project | 1 Sofawiki | 2025-01-31 | N/A | 9.8 CRITICAL |
| SofaWiki <= 3.8.9 has a file upload vulnerability that leads to command execution. | |||||