Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CVEs (4,107)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-17139 1Ultimatefosters 1Ultimatepos Nov 21, 2024 Sep 17, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type.
CVE-2018-16287 1Lg 1Supersign Cms Nov 21, 2024 Sep 14, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.
CVE-2018-16796 1Hiscout 1Grc Suite Nov 21, 2024 Sep 13, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types.
CVE-2018-16974 1Elefantcms 1Elefant Nov 21, 2024 Sep 12, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in apps/filemanager/upload/drop.php by using /filemanager/api/rm/.htaccess to remove the .htaccess file, and then using a f...Show more An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in apps/filemanager/upload/drop.php by using /filemanager/api/rm/.htaccess to remove the .htaccess file, and then using a filename that ends in .php followed by space characters (for bypassing the blacklist).Show less
CVE-2018-16388 1E107 1E107 Nov 21, 2024 Sep 12, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.
CVE-2018-16731 1Chshcms 1Cscms Nov 21, 2024 Sep 8, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data.
CVE-2018-0645 1Bit Part 1Mtappjquery Nov 21, 2024 Sep 7, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors.
CVE-2018-1000658 1Limesurvey 1Limesurvey Nov 21, 2024 Sep 6, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitable via an authenticate...Show more LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitable via an authenticated user uploading a zip archive which can contains malicious php files that can be called under certain circumstances. This vulnerability appears to have been fixed in after commit 91d143230eb357260a19c8424b3005deb49a47f7 / version 3.14.4.Show less
CVE-2018-16397 1Limesurvey 1Limesurvey Nov 21, 2024 Sep 3, 2018 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,
CVE-2018-16373 1Frog Cms Project 1Frog Cms Nov 21, 2024 Sep 3, 2018 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save.
CVE-2018-16370 1Pescms 1Pescms Team Nov 21, 2024 Sep 3, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.
CVE-2018-16352 1Weaselcms Project 1Weaselcms Nov 21, 2024 Sep 2, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used.
CVE-2018-15882 1Joomla 1Joomla Nov 21, 2024 Aug 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.
CVE-2015-9263 1Idera 1Uptime Infrastructure Monitor Nov 21, 2024 Aug 27, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands.
CVE-2014-10074 1Umbraco 1Umbraco Cms Nov 21, 2024 Aug 27, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
CVE-2018-3832 1Insteon 1Hub 2245 222 Firmware Nov 21, 2024 Aug 23, 2018 N/A· v4 9.0 CRITICAL· v3 8.5 HIGH· v2 An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources w...Show more An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger this vulnerability, an attacker can upload an MPFS binary via the '/mpfsupload' HTTP form and later on upload the firmware via a POST request to 'firmware.htm'.Show less
CVE-2018-1000646 1Librehealth 1Librehealth Ehr Nov 21, 2024 Aug 20, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution.
CVE-2018-15573 1Reprisesoftware 1Reprise License Manager Apr 30, 2025 Aug 20, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process w...Show more An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf parameter. By default, the web interface is on port 5054, and does not require authentication. NOTE: the vendor has stated "We do not consider this a vulnerability.Show less
CVE-2018-12256 1Litecart 1Litecart Nov 21, 2024 Aug 16, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote authenticated attackers to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a pu...Show more admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote authenticated attackers to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.Show less
CVE-2018-15139 1Open Emr 1Openemr Nov 21, 2024 Aug 13, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via th...Show more Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.Show less

Previous 1...193194195...206 Next