1409 matches found
CVE-2018-11514
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...
SS-2018-014: Dangerous file types in allowed upload
More info at https://www.silverstripe.org/download/security-releases/ss-2018-014/...
CVE-2017-16736
An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows a remote attacker to upload arbitrary files...
CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation ALC ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu,...
CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation ALC ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu,...
CVE-2017-9650
CVE-2017-9650 affects Automated Logic Corporation (ALC) WebCTRL, i-Vu and SiteScan Web platforms. The vulnerability is an Unrestricted Upload of File with Dangerous Type that could allow an authenticated attacker to upload a malicious file and execute arbitrary code. Affected versions include Web...
The vulnerability of the EMC Avamar backup system allows a perpetrator to execute arbitrary code.
The vulnerability of the EMC Avamar backup system lies in the lack of restrictions on the download of files of a dangerous type. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...
UBUNTU-CVE-2017-9840
Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application...
Remote code execution
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web serv...
Beepul - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Beepul published at the 'play' market has multiple vulnerabilities...
Domino Gaple Online - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Domino Gaple Online published at the 'play' market has multiple vulnerabilities...
AT&T VoIP - Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application AT&T VoIP published at the 'play' market has multiple vulnerabilities...
Order Kanji 2 - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Order Kanji 2 published at the 'play' market has multiple vulnerabilities...
LINE POP - Customized SSL, Dangerous filesystem permissions, Exported components with free access vulnerabilities
HackApp vulnerability scanner discovered that application LINE POP published at the 'play' market has multiple vulnerabilities...
Stickman Ice Hockey - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Stickman Ice Hockey published at the 'play' market has multiple vulnerabilities...
Spider Solitaire Mobile - BSD license, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Spider Solitaire Mobile published at the 'play' market has multiple vulnerabilities...
Can You Escape - Holidays - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Can You Escape - Holidays published at the 'play' market has multiple vulnerabilities...
Rival Knights - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Rival Knights published at the 'play' market has multiple vulnerabilities...
Minimal Weather Info widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Minimal Weather Info widget published at the 'play' market has multiple vulnerabilities...
Smart Maps Offline - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Smart Maps Offline published at the 'play' market has multiple vulnerabilities...