CWE-434

4,107 CVEs • Abstraction: Base • Likelihood of Exploit: Medium

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.


CVEs (4,107)

Each entry lists: vendors, products, updated date, published date, CVSS scores (v4 / v3 / v2), and the CVE description.

Vendors: Nortekcontrol
Products: Linear Emerge 5000p Firmware; Linear Emerge 50p Firmware
Updated: Jun 17, 2026 | Published: Jul 2, 2019
CVSS: v4 N/A | v3 10.0 CRITICAL | v2 10.0 HIGH
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.

Vendors: Ibm
Products: Security Guardium
Updated: Jun 17, 2026 | Published: Jul 2, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.

Vendors: Optergy
Products: Enterprise; Proton
Updated: Jun 17, 2026 | Published: Jul 1, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 10.0 HIGH
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.

Vendors: Primasystems
Products: Flexair
Updated: Jun 17, 2026 | Published: Jul 1, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 9.0 HIGH
Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application's web root with root privileges.

Vendors: Chamilo
Products: Chamilo Lms
Updated: Jun 17, 2026 | Published: Jun 30, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php file in a folder and then this folder in a ZIP archive, the server will accept this file without any checks. Because one can access this file from the website, it is remote code execution. This is related to a scorm imsmanifest.xml file, the import_package function, and extraction in $courseSysDir.$newDir.

Vendors: Seeddms
Products: Seeddms
Updated: Jun 17, 2026 | Published: Jun 20, 2019
CVSS: v4 N/A | v3 7.5 HIGH | v2 6.0 MEDIUM
SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.

Vendors: Miniblog Project
Products: Miniblog
Updated: Jun 17, 2026 | Published: Jun 14, 2019
CVSS: v4 N/A | v3 7.2 HIGH | v2 6.5 MEDIUM
madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension.

Vendors: Bd
Products (5): Alaris Cc Syringe Pump Firmware; Alaris Gateway Workstation Firmware; Alaris Gh Syringe Pump Firmware; +2 more
Updated: Jun 17, 2026 | Published: Jun 13, 2019
CVSS: v4 N/A | v3 10.0 CRITICAL | v2 7.5 HIGH
BD Alaris Gateway Workstation Versions 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13. This does not impact the latest firmware Versions 1.3.2 and 1.6.1. Additionally, the following products using software Version 2.3.6 and below: Alaris GS, Alaris GH, Alaris CC, Alaris TIVA. The application does not restrict the upload of malicious files during a firmware update.

Vendors: Adobe
Products: Coldfusion
Updated: Jun 17, 2026 | Published: Jun 12, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 10.0 HIGH
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Vendors: Ibm
Products (3): Intelligent Operations Center; Intelligent Operations Center For Emergency Management; Water Operations For Waternamics
Updated: Jun 17, 2026 | Published: Jun 7, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.

Vendors: Ibm
Products (10): Control Desk; Maximo Asset Management; Maximo For Aviation; +7 more
Updated: Jun 17, 2026 | Published: Jun 6, 2019
CVSS: v4 N/A | v3 4.3 MEDIUM | v2 4.0 MEDIUM
IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565.

Vendors: Primasystems
Products: Flexair
Updated: Jun 17, 2026 | Published: Jun 5, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 9.0 HIGH
Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authenticated attacker to gain full system access.

Vendors: Pydio
Products: Pydio
Updated: Jun 17, 2026 | Published: Jun 5, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it is possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a proxy.php?hash=../../../../../var/lib/pydio/data/personal/guest/PoC.php request. This is related to plugins/action.share/src/Store/ShareStore.php.

Vendors: Cisco
Products: Industrial Network Director
Updated: Jun 17, 2026 | Published: Jun 5, 2019
CVSS: v4 N/A | v3 7.2 HIGH | v2 9.0 HIGH
A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system using administrator privileges and uploading an arbitrary file. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges.

Vendors: Hp
Products: Intelligent Management Center
Updated: Jun 17, 2026 | Published: Jun 5, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 9.0 HIGH
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Vendors: Bludit
Products: Bludit
Updated: Jun 17, 2026 | Published: Jun 3, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.

Vendors: 3cx
Products: Live Chat
Updated: Jun 17, 2026 | Published: Jun 3, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjunction with a whitelisted file extension, and prepending "magic bytes" to the payload to pass MIME checks. Specifically, an unauthenticated remote user submits a crafted file upload POST request to the REST api remote_upload endpoint. The file contains data that will fool the plugin's MIME check into classifying it as an image (which is a whitelisted file extension) and finally a trailing .phtml file extension.

Vendors: Ivanti
Products: Landesk Management Suite
Updated: Jun 17, 2026 | Published: Jun 3, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 7.5 HIGH
A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution.

Vendors: Adobe
Products: Coldfusion
Updated: Jun 17, 2026 | Published: May 24, 2019
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 10.0 HIGH
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Vendors: Phpkit
Products: Phpkit
Updated: Nov 21, 2024 | Published: May 24, 2019
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter.