Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CVEs (4,107)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-9185 1Boltcms 1Bolt Jun 17, 2026 Mar 7, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension.
CVE-2018-17418 1Monstra 1Monstra Nov 21, 2024 Mar 7, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the for...Show more Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable.Show less
CVE-2019-9623 1Fengoffice 1Feng Office Jun 17, 2026 Mar 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php.
CVE-2019-9617 1Ofcms Project 1Ofcms Jun 17, 2026 Mar 6, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadFile URI.
CVE-2019-9613 1Ofcms Project 1Ofcms Jun 17, 2026 Mar 6, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadVideo URI.
CVE-2019-9612 1Ofcms Project 1Ofcms Jun 17, 2026 Mar 6, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/upload URI.
CVE-2019-9609 1Ofcms Project 1Ofcms Jun 17, 2026 Mar 6, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/editUploadImag...Show more An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/editUploadImage URI.Show less
CVE-2019-9608 1Ofcms Project 1Ofcms Jun 17, 2026 Mar 6, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadImage URI.
CVE-2019-9581 1Twinkletoessoftware 1Booked Jun 17, 2026 Mar 6, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensur...Show more phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension.Show less
CVE-2019-9572 1Schoolcms 1Schoolcms Jun 17, 2026 Mar 5, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, an...Show more SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\Home\1_Static.php because of mishandling in the Application\Admin\Controller\ThemeController.class.php Upload() function.Show less
CVE-2019-9181 1Schoolcms 1Schoolcms Jun 17, 2026 Feb 26, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 SchoolCMS version 2.3.1 allows file upload via the logo upload feature at admin.php?m=admin&c=site&a=save by using the .jpg extension, changing the Content-Type to image/php, and placing PHP code after the JPEG data. Thi...Show more SchoolCMS version 2.3.1 allows file upload via the logo upload feature at admin.php?m=admin&c=site&a=save by using the .jpg extension, changing the Content-Type to image/php, and placing PHP code after the JPEG data. This ultimately allows execution of arbitrary PHP code.Show less
CVE-2018-20063 1Gurock 1Testrail Nov 21, 2024 Feb 25, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Gurock TestRail 5.6.0.3853. An "Unrestricted Upload of File" vulnerability exists in the image-upload form (available in the description editor), allowing remote authenticated users to execute...Show more An issue was discovered in Gurock TestRail 5.6.0.3853. An "Unrestricted Upload of File" vulnerability exists in the image-upload form (available in the description editor), allowing remote authenticated users to execute arbitrary code by uploading an image file with an executable extension but a safe Content-Type value, and then accessing it via a direct request to the file in the file-upload directory (if it's accessible according to the server configuration).Show less
CVE-2019-9050 1Pluck Cms 1Pluck Jun 17, 2026 Feb 23, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed.
CVE-2019-9042 1Sitemagic 1Sitemagic Cms Jun 17, 2026 Feb 23, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects...Show more An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The maintainer states that this is not a vulnerability but a feature used in conjunction with External ModulesShow less
CVE-2019-8942 2Debian Wordpress 2Debian Linux Wordpress Jun 17, 2026 Feb 20, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker...Show more WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.Show less
CVE-2019-8933 1Dedecms 1Dedecms Jun 17, 2026 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page,...Show more In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on New Template, and modifying the filename from ../index.html to ../index.php.Show less
CVE-2019-8433 1Jtbc 1Jtbc Php Jun 17, 2026 Feb 18, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file.
CVE-2019-8394 1Zohocorp 1Manageengine Servicedesk Plus Jun 17, 2026 Feb 17, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.
CVE-2019-8362 1Dedecms 1Dedecms Jun 17, 2026 Feb 16, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1...Show more DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content).Show less
CVE-2019-0259 1Sap 1Businessobjects Jun 17, 2026 Feb 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.

Previous 1...189190191...206 Next