Total
2765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5844 | 1 Artica | 1 Pandora Fms | 2022-11-29 | 6.5 MEDIUM | 7.2 HIGH |
| index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020. | |||||
| CVE-2022-2791 | 1 Emerson | 1 Proficy | 2022-11-26 | N/A | 7.8 HIGH |
| Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC. | |||||
| CVE-2020-0971 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974. | |||||
| CVE-2021-46386 | 1 Mingsoft | 1 Mcms | 2022-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload. | |||||
| CVE-2022-42698 | 1 Api2cart | 1 Api2cart Bridge Connector | 2022-11-21 | N/A | 9.8 CRITICAL |
| Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. | |||||
| CVE-2022-39036 | 1 Flowring | 1 Agentflow | 2022-11-15 | N/A | 9.8 CRITICAL |
| The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service. | |||||
| CVE-2020-7246 | 1 Qdpm | 1 Qdpm | 2022-11-10 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. | |||||
| CVE-2021-23394 | 1 Std42 | 1 Elfinder | 2022-11-09 | 6.8 MEDIUM | 9.8 CRITICAL |
| The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP. | |||||
| CVE-2022-2268 | 1 Soflyy | 1 Wp All Import | 2022-11-05 | 6.5 MEDIUM | 7.2 HIGH |
| The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE | |||||
| CVE-2022-3575 | 1 Frauscher | 1 Frauscher Diagnostic System 102 | 2022-11-05 | N/A | 9.8 CRITICAL |
| Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device. | |||||
| CVE-2021-38397 | 1 Honeywell | 8 Application Control Environment, Application Control Environment Firmware, C200 and 5 more | 2022-11-02 | N/A | 10.0 CRITICAL |
| Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. | |||||
| CVE-2022-41681 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 8.8 HIGH |
| There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection. | |||||
| CVE-2022-42925 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 8.8 HIGH |
| There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the plugin upload component. The exploitation of this vulnerability could lead to a remote code injection. | |||||
| CVE-2021-38945 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2022-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238. | |||||
| CVE-2022-31854 | 1 Codologic | 1 Codoforum | 2022-10-28 | 6.5 MEDIUM | 7.2 HIGH |
| Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. | |||||
| CVE-2022-34115 | 1 Dataease Project | 1 Dataease | 2022-10-27 | N/A | 9.8 CRITICAL |
| DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId. | |||||
| CVE-2021-41178 | 1 Nextcloud | 1 Server | 2022-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-24252 | 1 Wp-eventmanager | 1 Event Banner | 2022-10-25 | 6.5 MEDIUM | 7.2 HIGH |
| The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Due to the lack of CSRF check, the issue can also be used via such vector to achieve the same result, or via a LFI as authorisation checks are missing (but would require WP to be loaded) | |||||
| CVE-2021-24620 | 1 Simple-e-commerce-shopping-cart Project | 1 Simple-e-commerce-shopping-cart | 2022-10-25 | 6.8 MEDIUM | 8.8 HIGH |
| The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Furthermore, as there is no CSRF in place, attackers could also make a logged admin upload a malicious PHP file, which would lead to RCE | |||||
| CVE-2021-24947 | 1 Thinkupthemes | 1 Responsive Vector Maps | 2022-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, to read arbitrary files on the web server | |||||