CWE-434

4,107 CVEs • Abstraction: Base • Likelihood of Exploit: Medium

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.


CVEs (4,107)

VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS (v4; v3; v2)
B3log | Symphony | Nov 21, 2024 | Apr 27, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.

Dedecms | Dedecms | Nov 21, 2024 | Apr 25, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archives_do.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename ends in .php and contains PHP code.

Digitalguardian | Management Console | Nov 21, 2024 | Apr 20, 2018 | v4 N/A; v3 8.8 HIGH; v2 9.0 HIGH
Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.

Zblogcn | Z Blogphp | Jun 17, 2026 | Apr 16, 2018 | v4 N/A; v3 7.2 HIGH; v2 6.5 MEDIUM
The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directly by an administrator, or through CSRF.

Broadcom | Advanced Secure Gateway, Symantec Proxysg | Nov 21, 2024 | Apr 11, 2018 | v4 N/A; v3 6.8 MEDIUM; v2 6.0 MEDIUM
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.

Monstra | Monstra | Jun 17, 2026 | Apr 10, 2018 | v4 N/A; v3 8.8 HIGH; v2 6.5 MEDIUM
Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.

Sap | Disclosure Management | Nov 21, 2024 | Apr 10, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation.

Axis | M1033 W Firmware | Jun 17, 2026 | Apr 1, 2018 | v4 N/A; v3 7.5 HIGH; v2 7.6 HIGH
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality.

Axis | P1354 Firmware | Jun 17, 2026 | Apr 1, 2018 | v4 N/A; v3 7.5 HIGH; v2 7.6 HIGH
An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality.

Docker | Notary | Nov 21, 2024 | Mar 31, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. Even if a user creates a new root.json file after a key compromise, an attacker can produce update files referring to an old root.json file.

Phpok | Phpok | Jun 17, 2026 | Mar 22, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
PHPOK 4.8.338 has an arbitrary file upload vulnerability.

Synology | Photo Station | Nov 21, 2024 | Mar 22, 2018 | v4 N/A; v3 8.8 HIGH; v2 6.5 MEDIUM
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary code via the prog_id parameter.

Frog Cms Project | Frog Cms | Nov 21, 2024 | Mar 22, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation.

Joyplus Cms Project | Joyplus Cms | Jun 17, 2026 | Mar 18, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add.

Mitel | St14.2 | Nov 21, 2024 | Mar 13, 2018 | v4 N/A; v3 8.8 HIGH; v2 9.0 HIGH
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.

Cmsmadesimple | Cms Made Simple | Nov 21, 2024 | Mar 13, 2018 | v4 N/A; v3 7.2 HIGH; v2 6.5 MEDIUM
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that allows an authenticated admin who has access to the file manager to execute code on the server. This attack appears to be exploitable via File upload -> copy to any extension.

Glpi Project | Glpi | Jun 17, 2026 | Mar 12, 2018 | v4 N/A; v3 7.5 HIGH; v2 6.0 MEDIUM
A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via front/fileupload.php. This feature is protected using different types of security features like the check on the file's extension. However, the application uploads and creates a file, though this file is not allowed, and then deletes the file in the uploadFiles method in inc/glpiuploaderhandler.class.php.

Arubanetworks | Web Management Portal | Nov 21, 2024 | Mar 9, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

Dell | Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Vmax Virtual Appliance, Emc Vasa Virtual Appliance, +1 more | Nov 21, 2024 | Mar 8, 2018 | v4 N/A; v3 8.8 HIGH; v2 9.0 HIGH
An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability.

Exponentcms | Exponent Cms | Nov 21, 2024 | Mar 7, 2018 | v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."