CWE:
 

Tytuł
Data
Autor
High
Lektor 3.3.10 Arbitrary File upload
20.03.2024
kai6u
Med.
Designed By Sevy INC. - SQL Injection Vulnerability, Unrestricted File Upload Vulnerability and Default Admin Credentials
06.07.2022
MR.$UD0
High
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
11.12.2021
Ron Jost
High
WordPress SP Project And Document Manager 4.21 Shell Upload
08.07.2021
Ron Jost
High
WordPress Modern Events Calendar 5.16.2 Shell Upload
02.07.2021
Ron Jost
High
OpenEMR 5.0.1.3 Shell Upload
14.06.2021
Ron Jost
High
VisualWare MyConnection Server 11.x Remote Code Execution
28.02.2021
Ryan Wincey
High
Moodle 3.8 Arbitary File Upload
30.11.2020
Sirwan Veisi
High
XUpload Remote File Upload Vulnerability
04.11.2020
h4shur
High
Typesetter CMS 5.1 Remote Code Execution
07.10.2020
Rodolfo Tavares
High
ckeditor-elfinder Remote File Upload Vulnerability
21.09.2020
h4shur
High
Golo - Business Listing, City Travel Guide Laravel Theme v1.1.5 - Arbitrary File Upload
13.07.2020
Vlad Vector
High
filemanager File Upload vulnerability
03.05.2020
h4shur
High
LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability
10.04.2020
h4shur
High
NewsOne CMS – News, Magazine & Blog Script v1.1.0 Arbitrary File Upload
19.01.2020
m0ze
Med.
EwebTonic Services Pvt Ltd Software Authentication Bypass Backdoor Access Vulnerability
17.09.2019
KingSkrupellos
Med.
Giribala Creative Ventures Fluent Technology Software Authentication Bypass Backdoor Access Vulnerability
15.09.2019
KingSkrupellos
High
BKS EBK Ethernet-Buskoppler Pro Shell Upload
05.07.2019
Sebastian Auwaerter
High
Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution
28.04.2019
Cisco Talos
Med.
WordPress Ultimate-Member Plugins 2.0.38 CSRF Backdoor Access
04.02.2019
KingSkrupellos
Med.
WordPress MM-Forms-Community Plugins 2.2.7 Backdoor Access and SQL Injection Vulnerability
27.01.2019
KingSkrupellos
Med.
WordPress pitajte-strucnjaka Plugins 4.9.6 Backdoor Access Vulnerability
27.01.2019
KingSkrupellos
Med.
WordPress category-page-icons Plugins 3.6.1 CSRF Backdoor Access Vulnerability
18.01.2019
KingSkrupellos
High
Joomla Codextrous Com_B2jcontact Components 2.1.17 Shell Upload Vulnerability
09.01.2019
KingSkrupellos
Med.
Design & Developed by SoftBd Ltd. Bangladesh Education Portals Multiple Vulnerabilities
04.09.2018
KingSkrupellos
Med.
ShopNx - Angular5 Single Page Shopping Cart Application 1 - Arbitrary File Upload
18.06.2018
L0RD
Med.
Gardenoma Remote File Upload Vulnerability
11.06.2018
Mr.T959
Med.
WordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload Vulnerability
08.06.2018
KingSkrupellos
Med.
LifeRay (Fckeditor) Arbitrary File Upload Vulnerability
06.05.2018
Mostafa Gharzi
High
phpCollab 2.5.1 Arbitrary File Upload
03.10.2017
Sysdream
High
PhpCollab 2.5.1 Shell Upload
30.09.2017
SYSDREAM
High
Nuxeo Platform 6.x / 7.x Shell Upload
24.03.2017
SYSDREAM Labs
High
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Remote Root
18.02.2017
Matt Bergin (@thatguyl...
Med.
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Arbitrary File Write
18.02.2017
Matt Bergin
High
Cisco Firepower Threat Management Command Execution
06.10.2016
Matt Bergin
High
WordPress Daily Edition 1.6.2 File Upload
10.03.2015
Wang Jing
High
Intrexx Professional 6.0 / 5.2 Remote Code Execution
16.12.2014
Christian Schneider
High
HelpDEZk 1.0.1 Unrestricted File Upload
06.11.2014
High-Tech Bridge Secur...
High
WordPress E-Commerce 3.8.9.5 File Upload / XSS / CSRF / Code Execution
24.01.2014
KedAns-Dz
High
DMXReady Registration Manager Arbitrary File Upload Vulnerability
30.06.2009
Securitylab


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-21
Waiting for details
CVE-2024-10201

Updating...
 

 
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.

 
2024-10-20
Waiting for details
CVE-2024-10161

Updating...
 

 
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file change-image.php of the component Update Boat Image Page. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

 
Waiting for details
CVE-2024-49610

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0.

 
Waiting for details
CVE-2024-49607

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0.

 
Waiting for details
CVE-2024-49331

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38.

 
Waiting for details
CVE-2024-49330

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0.

 
Waiting for details
CVE-2024-49329

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0.

 
Waiting for details
CVE-2024-49327

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2.

 
Waiting for details
CVE-2024-49326

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3.

 
Waiting for details
CVE-2024-49324

Updating...
 

 
Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top