Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CVEs (4,107)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-7721 1Nconsulting 1Nc Cms Jun 17, 2026 Feb 11, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.
CVE-2019-7684 1Inxedu 1Inxedu Jun 17, 2026 Feb 9, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controll...Show more inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video/uploadvideo fileType parameter to change the list of acceptable extensions from jpg,gif,png,jpeg to jpg,gif,png,jsp,jpeg.Show less
CVE-2019-6139 1Forcepoint 1User Id Jun 17, 2026 Feb 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnera...Show more Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.Show less
CVE-2019-0017 1Juniper 1Junos Space Jun 17, 2026 Jan 15, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juni...Show more The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.Show less
CVE-2018-1969 1Ibm 1Security Identity Manager Nov 21, 2024 Jan 14, 2019 N/A· v4 9.9 CRITICAL· v3 6.5 MEDIUM· v2 IBM Security Identity Manager 6.0.0 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 153750.
CVE-2018-16169 1Cybozu 1Remote Service Manager Nov 21, 2024 Jan 9, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
CVE-2019-5009 1Vtiger 1Vtiger Crm Jun 17, 2026 Jan 4, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can...Show more Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.Show less
CVE-2018-20166 1Rukovoditel 1Rukovoditel Nov 21, 2024 Jan 2, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first...Show more A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case, such as the .pHp extension.Show less
CVE-2018-5204 1Infraware Global 1Ml Report Nov 21, 2024 Dec 28, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can b...Show more ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.Show less
CVE-2018-15333 1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 more Nov 21, 2024 Dec 28, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG...Show more On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps.Show less
CVE-2018-7836 1Schneider Electric 1Iiot Monitor Jun 17, 2026 Dec 24, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.
CVE-2018-1000839 1Librehealth 1Librehealth Ehr Nov 21, 2024 Dec 20, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME ty...Show more LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type.Show less
CVE-2018-1000811 1Bludit 1Bludit Nov 21, 2024 Dec 20, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malici...Show more bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code.Show less
CVE-2018-19789 2Debian Sensiolabs 2Debian Linux Symfony Nov 21, 2024 Dec 18, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method...Show more An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.Show less
CVE-2018-6152 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more Jun 17, 2026 Dec 4, 2018 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install...Show more The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.Show less
CVE-2018-16097 1Lenovo 1Xclarity Integrator Nov 21, 2024 Nov 30, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificat...Show more LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.Show less
CVE-2018-16093 1Lenovo 1Xclarity Integrator Nov 21, 2024 Nov 30, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file.
CVE-2018-15537 1Ocsinventory Ng 1Ocsinventory Ng Nov 21, 2024 Nov 29, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.
CVE-2018-19692 1Tp5cms Project 1Tp5cms Nov 21, 2024 Nov 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
CVE-2018-17936 1Nuuo 1Nuuo Cms Nov 21, 2024 Nov 27, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.

Previous 1...190191192...206 Next