Enable SVG, WebP & ICO Upload Security Vulnerabilities

CVE-2024-27944

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote cod...

CVE-2024-27944

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote cod...

CVE-2024-27943

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

CVE-2024-27943

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

CVE-2024-27939

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system...

CVE-2024-27939

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system...

CVE-2024-33006 File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform

An unauthenticated attacker can upload a malicious file to the server which when accessed by a victim can allow an attacker to completely compromise...

CVE-2024-33006 File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform

An unauthenticated attacker can upload a malicious file to the server which when accessed by a victim can allow an attacker to completely compromise...

CVE-2024-32731 Missing Authorization check in SAP My Travel Requests

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...

Image Optimization by Optimole < 3.13.0 - Author+ Stored Cross-Site Scripting via SVG Upload

Description The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allow_meme_types’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This...

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection

Description The plugin lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page. PoC 1) Create a new post 2) Add and e-Learning block and upload a zip file 3) Select the "Insert As: Iframe" option 4) Intercept...

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCE

Description The plugin is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files PoC Note: This must be tested on a web server running Apache 1) Create a new post 2) Add e-Learning block to the post and...

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCE

Description The plugin is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip...

Chyrp 2.5.2 Cross Site Scripting

...

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection

Description The plugin lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any...

The Events Calendar < 6.4.0.1 - Reflected XSS

Description The plugin does not properly sanitize user-submitted content when rendering some views via...

NocoDB Allows Preview of Files with Dangerous Content

Summary Attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading Stored XSS(Cross-Site Script) attack. PoC NocoDB was configured using the Release Binary Noco-macos-arm64, and nocodb version 0.202.9 (currently...

NocoDB Allows Preview of Files with Dangerous Content

Summary Attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading Stored XSS(Cross-Site Script) attack. PoC NocoDB was configured using the Release Binary Noco-macos-arm64, and nocodb version 0.202.9 (currently...

CVE-2023-50717 NocoDB Allows Preview of File with Dangerous Content

NocoDB is software for building databases as spreadsheets. Starting in verson 0.202.6 and prior to version 0.202.10, an attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading stored cross-site scripting attack....

CVE-2023-50717 NocoDB Allows Preview of File with Dangerous Content

NocoDB is software for building databases as spreadsheets. Starting in verson 0.202.6 and prior to version 0.202.10, an attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading stored cross-site scripting attack....

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​

We are pleased to announce that Microsoft has been recognized as a Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).1 We believe our position in the Leaders quadrant validates our vision and continued investments in Microsoft Sentinel making it a...

CVE-2024-4820 SourceCodester Online Computer and Laptop Store unrestricted upload

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=update_settings. The manipulation leads to unrestricted upload. The attack can be....

CVE-2024-4820 SourceCodester Online Computer and Laptop Store unrestricted upload

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=update_settings. The manipulation leads to unrestricted upload. The attack can be....

CVE-2024-4825 Unrestricted Upload of File with Dangerous Type vulnerability on Cockpit CMS from Agentejo

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire...

CVE-2024-4825 Unrestricted Upload of File with Dangerous Type vulnerability on Cockpit CMS from Agentejo

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire...

CVE-2024-31377 WordPress WP Photo Album Plus plugin <= 8.7.01.001 - Unauth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through...

CVE-2024-34411 WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Thomas Scholl canvasio3D Light.This issue affects canvasio3D Light: from n/a through...

CVE-2024-34411 WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Thomas Scholl canvasio3D Light.This issue affects canvasio3D Light: from n/a through...

CVE-2024-34416 WordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through...

CVE-2024-34416 WordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through...

CVE-2024-34440 WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through...

CVE-2024-34440 WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through...

CVE-2024-34555 WordPress Z-Downloads plugin <= 1.11.3 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through...

CVE-2024-32700 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through...

CVE-2024-32700 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through...

CVE-2024-4809 SourceCodester Open Source Clinic Management System setting.php unrestricted upload

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The attack can be launched...

CVE-2024-4809 SourceCodester Open Source Clinic Management System setting.php unrestricted upload

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The attack can be launched...

PyroCMS v3.0.1 - Stored XSS Vulnerability

...

Amazon Linux 2023 : git, git-all, git-core (ALAS2023-2024-609)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-609 advisory. An issue was discovered in git where a client can convince upload-pack running on a server to allocate arbitrary amounts of memory, resulting in a possible denial of service. (ALAS2023-2024-609) ...

Chyrp 2.5.2 - Stored XSS Vulnerability

...

CE Phoenix Version 1.0.8.20 - Stored XSS Vulnerability

...

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

...

CE Phoenix Version 1.0.8.20 - Stored XSS

...

PyroCMS v3.0.1 - Stored XSS

...

CVE-2024-2299 Stored Cross-Site Scripting (XSS) via Profile Picture Upload in parisneo/lollms-webui

A stored Cross-Site Scripting (XSS) vulnerability exists in the parisneo/lollms-webui application due to improper validation of uploaded files in the profile picture upload functionality. Attackers can exploit this vulnerability by uploading malicious HTML files containing JavaScript code, which...

CVE-2024-2299 Stored Cross-Site Scripting (XSS) via Profile Picture Upload in parisneo/lollms-webui

A stored Cross-Site Scripting (XSS) vulnerability exists in the parisneo/lollms-webui application due to improper validation of uploaded files in the profile picture upload functionality. Attackers can exploit this vulnerability by uploading malicious HTML files containing JavaScript code, which...

CVE-2023-47711 IBM Security Guardium denial of service

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. IBM X-Force ID: ...

CVE-2024-4487 Blocksy Companion <= 2.0.45 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Uploads

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG uploads in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and...

CVE-2024-4487 Blocksy Companion <= 2.0.45 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Uploads

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG uploads in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and...

CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbot_chatgpt_upload_file_to_assistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to...