1409 matches found
CVE-2019-14755
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type...
CVE-2019-14755
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type...
Unrestricted file upload
Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file...
CVE-2019-12971
BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type...
BD Alaris Gateway Workstation
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BD Becton, Dickinson and Company Equipment: Alaris Gateway Workstation Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Exploitation of...
CVE-2018-19453
Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type...
PT-2019-9820
Name of the Vulnerable Software and Affected Versions Kentico CMS versions prior to 11.0.45 Description The issue allows for the unrestricted upload of a file with a dangerous type. Recommendations For versions prior to 11.0.45, update to version 11.0.45 or later to resolve the issue...
The vulnerability of the Cisco Prime File Upload service in the Data Center Network Manager (DCNM) and the Prime Infrastructure (PI) network lifecycle management software allows a malicious attacker to upload arbitrary files to any directory on the vulnerable device and execute them.
The vulnerability of the Cisco Prime File Upload service in the Data Center Network Manager DCNM and the Prime Infrastructure PI network lifecycle management software is due to errors in specifying the path to the directory, as well as the absence of restrictions during the upload of files of a...
CVE-2018-7836
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files...
GHSA-C7C7-XM8G-XM36 Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms
An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting a cookie. First, start an upload of JSP code with a .png filename, and then intercep...
GHSA-4CJ8-G9CP-V5WR Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...
CVE-2018-16796
HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types...
CVE-2016-9492
The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...
CVE-2016-9492
The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...
Unrestricted file upload
The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...
CVE-2016-9492 PHP forms generated using the PHP FormMail Generator are vulnerable to unrestricted upload of dangerous file types
The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PH...
Dialogic PowerMedia XMS File Unrestricted Upload Vulnerability
Dialogic PowerMedia XMS is a suite of software multimedia servers for real-time communications from Dialogic, Inc. that provide real-time multimedia communication solutions for IMS, MRF, enterprise and WebRTC applications. A security vulnerability exists in the management console of Dialogic...
CVE-2018-11638
Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution...
CVE-2018-1453
IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055...
CVE-2018-11514
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...