Check CVE Id
Check CWE Id
Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution
WordPress Ultimate-Member Plugins 2.0.38 CSRF Backdoor Access
WordPress MM-Forms-Community Plugins 2.2.7 Backdoor Access and SQL Injection Vulnerability
WordPress pitajte-strucnjaka Plugins 4.9.6 Backdoor Access Vulnerability
WordPress category-page-icons Plugins 3.6.1 CSRF Backdoor Access Vulnerability
Joomla Codextrous Com_B2jcontact Components 2.1.17 Shell Upload Vulnerability
Design & Developed by SoftBd Ltd. Bangladesh Education Portals Multiple Vulnerabilities
ShopNx - Angular5 Single Page Shopping Cart Application 1 - Arbitrary File Upload
Gardenoma Remote File Upload Vulnerability
WordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload Vulnerability
LifeRay (Fckeditor) Arbitrary File Upload Vulnerability
phpCollab 2.5.1 Arbitrary File Upload
PhpCollab 2.5.1 Shell Upload
Nuxeo Platform 6.x / 7.x Shell Upload
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Remote Root
Matt Bergin (@thatguyl...
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Arbitrary File Write
Cisco Firepower Threat Management Command Execution
WordPress Daily Edition 1.6.2 File Upload
Intrexx Professional 6.0 / 5.2 Remote Code Execution
HelpDEZk 1.0.1 Unrestricted File Upload
High-Tech Bridge Secur...
WordPress E-Commerce 18.104.22.168 File Upload / XSS / CSRF / Code Execution
DMXReady Registration Manager Arbitrary File Upload Vulnerability
CVEMAP Search Results
Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters.
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Moodle 3.6.3 allows remote authenticated administrators to execute arbitrary PHP code via a ZIP archive, containing a theme_*.php file, to repository/repository_ajax.php?action=upload and admin/tool/installaddon/index.php.
/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server.
An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type.
The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains a vulnerability wherein a user without privileges to upload distributed application archives ("Upload DAA" permission) can theoretically upload arbitrary code, and in some circumstances then execute that code on ActiveMatrix Service Grid nodes. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, TIBCO ActiveMatrix Policy Director: versions up to and including 1.1.0, TIBCO ActiveMatrix Service Bus: versions up to and including 3.3.0, TIBCO ActiveMatrix Service Grid: versions up to and including 3.3.1, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric: versions up to and including 3.3.0, TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid: versions up to and including 1.3.1.
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page web/jquery/uploader/uploadify.php can be accessed without any credentials, and allows uploading arbitrary files to any location on the attached storage.
An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content of a file can be changed and the control can be bypassed for code execution. (An attacker can use the GIF header for this.)
A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.
OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repository_export.jsp. This is achieved by interfering with the Filesystem path control in the admin's Export field. As a result, attackers can gain remote code execution through the application server with root privileges.
Back to Top