CWE-434: Unrestricted Upload of File with Dangerous Type

4,107 CVEs • Abstraction: Base • Likelihood of Exploit: Medium

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.


CVEs (4,107)

Each entry below lists the vendors and products affected (with the count shown on the page), the last-updated and published dates, the CVSS v4, v3 and v2 scores, and the CVE description.

Vendors (1): Publiccms
Products (1): Publiccms
Updated: Nov 21, 2024 · Published: Jun 27, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.

Vendors (3): Debian, Redhat, Rubyzip Project
Products (3): Cloudforms, Debian Linux, Rubyzip
Updated: Nov 21, 2024 · Published: Jun 26, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in the Zip::File component that can result in writing arbitrary files to the filesystem. This attack appears to be exploitable if a site allows uploading of .zip files: an attacker can upload a malicious file that contains symlinks or files with absolute pathnames ("../") to write arbitrary files to the filesystem.

Vendors (1): Basercms
Products (1): Basercms
Updated: Nov 21, 2024 · Published: Jun 26, 2018
CVSS: v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files.

Vendors (1): Codenx
Products (1): Shopnx
Updated: Nov 21, 2024 · Published: Jun 19, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 4.0 MEDIUM
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.

Vendors (1): Artica
Products (1): Pandora Fms
Updated: Nov 21, 2024 · Published: Jun 16, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system.

Vendors (1): Phpok
Products (1): Phpok
Updated: Nov 21, 2024 · Published: Jun 15, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.

Vendors (1): Opensuse
Products (1): Open Build Service
Updated: Nov 21, 2024 · Published: Jun 13, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.

Vendors (1): Portfoliocms Project
Products (1): Portfoliocms
Updated: Nov 21, 2024 · Published: Jun 13, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.

Vendors (1): Ibm
Products (1): Security Identity Manager
Updated: Nov 21, 2024 · Published: Jun 8, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055.

Vendors (1): Schools Alert Management Script Project
Products (1): Schools Alert Management Script
Updated: Nov 21, 2024 · Published: Jun 8, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.

Vendors (1): Dedecms
Products (1): Dedecms
Updated: Nov 21, 2024 · Published: Jun 8, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file.

Vendors (1): Express Cart Project
Products (1): Express Cart
Updated: Nov 21, 2024 · Published: Jun 7, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.0 HIGH
Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine.

Vendors (2): Cloudfoundry, Pivotal Software
Products (2): Cf Deployment, Cloud Foundry Diego
Updated: Nov 21, 2024 · Published: Jun 6, 2018
CVSS: v4 N/A · v3 7.2 HIGH · v2 6.5 MEDIUM
Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip file headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell.

Vendors (1): Pluck Cms
Products (1): Pluck
Updated: Nov 21, 2024 · Published: Jun 5, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file.

Vendors (1): Mahara
Products (1): Mahara
Updated: Nov 21, 2024 · Published: Jun 1, 2018
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as a medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV (when activated) does not check Leap2A archives for viruses, allowing malicious files to be available for download. While files cannot be executed on Mahara itself, Mahara can be used to transfer such files to user computers.

Vendors (1): Jigowatt
Products (1): Php Login & User Management
Updated: Nov 21, 2024 · Published: May 29, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
An arbitrary file upload vulnerability in /classes/profile.class.php in Jigowatt "PHP Login & User Management" before 4.1.1, as distributed in the Envato Market, allows any remote authenticated user to upload .php files to the web server via a profile avatar field. This results in arbitrary code execution by requesting the .php file.

Vendors (1): Nuuo
Products (1): Nvrmini 2 Firmware
Updated: Nov 21, 2024 · Published: May 29, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.

Vendors (1): Naukri Clone Script Project
Products (1): Naukri Clone Script
Updated: Nov 21, 2024 · Published: May 28, 2018
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.

Vendors (1): Machform
Products (1): Machform
Updated: Jun 17, 2026 · Published: May 26, 2018
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.

Vendors (1): Opencart
Products (1): Opencart
Updated: Nov 21, 2024 · Published: May 26, 2018
CVSS: v4 N/A · v3 8.0 HIGH · v2 6.0 MEDIUM
The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code'].