Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CVEs (4,107)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-17403 1Nokia 1Impact Jun 17, 2026 Nov 25, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.
CVE-2013-6234 1Eng 1Spagobi Nov 21, 2024 Nov 22, 2019 N/A· v4 8.0 HIGH· v3 6.0 MEDIUM· v2 Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a...Show more Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."Show less
CVE-2019-12409 1Apache 1Solr Jun 17, 2026 Nov 18, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in....Show more The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.Show less
CVE-2019-12271 1Sandline 1Centraleyezer Jun 17, 2026 Nov 18, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side.
CVE-2019-19084 1Octopus 1Octopus Deploy Jun 17, 2026 Nov 18, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system...Show more In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details.Show less
CVE-2019-17058 1Footy 1Tipping Software Jun 17, 2026 Nov 18, 2019 N/A· v4 9.1 CRITICAL· v3 6.5 MEDIUM· v2 Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.
CVE-2019-14467 1Infoway 1Social Photo Gallery Jun 17, 2026 Nov 18, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
CVE-2019-18952 1Sibsoft 1Xfilesharing Jun 17, 2026 Nov 13, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...Show more SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.Show less
CVE-2014-1214 1Projoom 1Smart Flash Header Nov 21, 2024 Nov 13, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extens...Show more views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.Show less
CVE-2010-4661 5Debian FedoraprojectOpensuse+2 more 5Debian Linux Enterprise LinuxFedora+2 more Nov 21, 2024 Nov 13, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVE-2019-1443 1Microsoft 3Sharepoint Enterprise Server Sharepoint FoundationSharepoint Server Jun 17, 2026 Nov 12, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability co...Show more An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The security update addresses the vulnerability by correcting how SharePoint checks file content., aka 'Microsoft SharePoint Information Disclosure Vulnerability'.Show less
CVE-2019-12719 1Auo 1Sunveillance Monitoring System & Data Recorder Jun 17, 2026 Nov 12, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a mod...Show more An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter.Show less
CVE-2019-8140 1Magento 1Magento Jun 17, 2026 Nov 6, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of...Show more An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file.Show less
CVE-2019-8114 1Magento 1Magento Jun 17, 2026 Nov 5, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features...Show more A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via crafted configuration archive file upload.Show less
CVE-2019-8093 1Magento 1Magento Jun 17, 2026 Nov 5, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage file upload controller for downloadable products to read/delete an...Show more An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage file upload controller for downloadable products to read/delete an arbitary files.Show less
CVE-2011-1134 1S9y 1Serendipity Nov 21, 2024 Nov 5, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.
CVE-2010-3663 1Typo3 1Typo3 Nov 21, 2024 Nov 4, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the b...Show more TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.Show less
CVE-2019-17325 1Clipsoft 1Rexpert Jun 17, 2026 Oct 30, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction...Show more ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.Show less
CVE-2019-18204 1Zucchetti 1Infobusiness Jun 17, 2026 Oct 30, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution.
CVE-2018-18930 1Trms 1Carousel Digital Signage Nov 21, 2024 Oct 29, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. An authenticate...Show more The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. An authenticated attacker can upload a crafted ZIP file (based on an exported backup of existing "Bulletins") containing a malicious file. When uploaded, the system only checks for the presence of the needed files within the ZIP and, as long as the malicious file is named properly, will extract all contained files to a new directory on the system, named with a random GUID. The attacker can determine this GUID by previewing an image from the uploaded Bulletin within the web UI. Once the GUID is determined, the attacker can navigate to the malicious file and execute it. In testing, an ASPX web shell was uploaded, allowing for remote-code execution in the context of a restricted IIS user.Show less

Previous 1...181182183...206 Next