Lucene search
+L

1409 matches found

NVD
NVD
added 2019/08/15 3:15 p.m.12 views

CVE-2019-14755

The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type...

8.8CVSS8.7AI score0.01719EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/15 2:27 p.m.14 views

CVE-2019-14755

The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type...

8.7AI score0.01719EPSS
Exploits0References3
Prion
Prion
added 2019/07/31 6:15 p.m.21 views

Unrestricted file upload

Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file...

6.5CVSS7.2AI score0.03019EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/07/05 8:15 p.m.6 views

CVE-2019-12971

BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type...

9.8CVSS7.3AI score0.02197EPSS
Exploits3References2
ICS
ICS
added 2019/06/13 12:0 a.m.43 views

BD Alaris Gateway Workstation

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BD Becton, Dickinson and Company Equipment: Alaris Gateway Workstation Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Exploitation of...

5.3CVSS7.7AI score0.01675EPSS
Exploits0References5
OSV
OSV
added 2019/04/10 9:29 p.m.11 views

CVE-2018-19453

Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type...

8.8CVSS5.8AI score0.01419EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/04/10 12:0 a.m.10 views

PT-2019-9820

Name of the Vulnerable Software and Affected Versions Kentico CMS versions prior to 11.0.45 Description The issue allows for the unrestricted upload of a file with a dangerous type. Recommendations For versions prior to 11.0.45, update to version 11.0.45 or later to resolve the issue...

8.8CVSS8.9AI score0.01419EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2018/12/25 12:0 a.m.5 views

The vulnerability of the Cisco Prime File Upload service in the Data Center Network Manager (DCNM) and the Prime Infrastructure (PI) network lifecycle management software allows a malicious attacker to upload arbitrary files to any directory on the vulnerable device and execute them.

The vulnerability of the Cisco Prime File Upload service in the Data Center Network Manager DCNM and the Prime Infrastructure PI network lifecycle management software is due to errors in specifying the path to the directory, as well as the absence of restrictions during the upload of files of a...

10CVSS7.9AI score0.49431EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2018/12/24 4:29 p.m.3 views

CVE-2018-7836

An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files...

9.8CVSS5.9AI score0.3198EPSS
Exploits0References2
OSV
OSV
added 2018/11/01 2:48 p.m.19 views

GHSA-C7C7-XM8G-XM36 Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms

An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting a cookie. First, start an upload of JSP code with a .png filename, and then intercep...

9.8CVSS9.7AI score0.01205EPSS
Exploits0References4
OSV
OSV
added 2018/10/22 6:53 p.m.2 views

GHSA-4CJ8-G9CP-V5WR Unrestricted Upload of File with Dangerous Type in blueimp-file-upload

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...

9.8CVSS7.3AI score0.97107EPSS
Exploits15References9
OSV
OSV
added 2018/09/13 4:29 p.m.3 views

CVE-2018-16796

HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types...

8.8CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2018/07/13 8:29 p.m.22 views

CVE-2016-9492

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...

9.8CVSS9.6AI score0.03375EPSS
Exploits0References2
OSV
OSV
added 2018/07/13 8:29 p.m.5 views

CVE-2016-9492

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...

9.8CVSS5.9AI score0.03375EPSS
Exploits0References2
Prion
Prion
added 2018/07/13 8:29 p.m.18 views

Unrestricted file upload

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...

7.5CVSS7.4AI score0.03375EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.28 views

CVE-2016-9492 PHP forms generated using the PHP FormMail Generator are vulnerable to unrestricted upload of dangerous file types

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...

9.7AI score0.03375EPSS
Exploits0References2
CNVD
CNVD
added 2018/07/04 12:0 a.m.5 views

Dialogic PowerMedia XMS File Unrestricted Upload Vulnerability

Dialogic PowerMedia XMS is a suite of software multimedia servers for real-time communications from Dialogic, Inc. that provide real-time multimedia communication solutions for IMS, MRF, enterprise and WebRTC applications. A security vulnerability exists in the management console of Dialogic...

9CVSS7.3AI score0.04098EPSS
Exploits1References1
OSV
OSV
added 2018/07/03 5:29 p.m.9 views

CVE-2018-11638

Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution...

7.2CVSS5.9AI score0.04098EPSS
Exploits1References1
OSV
OSV
added 2018/06/08 1:29 p.m.5 views

CVE-2018-1453

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055...

8.8CVSS5.8AI score0.02077EPSS
Exploits0References3
NVD
NVD
added 2018/05/28 2:29 p.m.19 views

CVE-2018-11514

PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...

8.8CVSS8.7AI score0.01126EPSS
Exploits1References1
Rows per page
Query Builder