1015 matches found

Prion
added 2023/03/27 5:15 p.m. · 11 views

Design/Logic Flaw

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

CVSS 5.8 · AI score 7.4 · EPSS 0.01564
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/27 4:35 p.m. · 4 views

CVE-2023-25828 Authenticated Remote Code Execution in Pluck CMS

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

AI score 7.4 · EPSS 0.01564
Exploits 0 · References 1
CNNVD
added 2023/03/27 12:00 a.m. · 3 views

Pluck CMS code issue vulnerability

Pluck is a content management system (CMS) developed using the PHP language. A security vulnerability exists in Pluck CMS that stems from a lack of validation of file extensions...

CVSS 7.2 · AI score 7 · EPSS 0.01564
Exploits 0 · References 2
Positive Technologies
added 2023/03/27 12:00 a.m. · 2 views

PT-2023-20333 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS (affected versions not specified). Description: The issue concerns an authenticated remote code execution (RCE) vulnerability through the "albums" module. This module allows the creation of image collections that can be inserted into web...

CVSS 7.2 · AI score 7.3 · EPSS 0.01564
Exploits 0 · References 9
The Hacker News
added 2023/03/24 9:59 a.m. · 47 views

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte,...

AI score 7.2
Exploits 0
Veracode
added 2023/03/17 3:38 a.m. · 53 views

Remote Code Execution (RCE)

cockpit-hq/cockpit is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a lack of file extension validation for user-supplied files, which allows an attacker to upload and execute malicious PHP code...

CVSS 8.8 · AI score 9 · EPSS 0.00987
Exploits 1 · References 4 · Affected Software 1
NVD
added 2023/03/13 9:15 p.m. · 18 views

CVE-2023-0350

Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type...

CVSS 6.5 · AI score 6.7 · EPSS 0.00258
Exploits 0 · References 1
Prion
added 2023/03/13 9:15 p.m. · 10 views

Arbitrary file deletion

Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type...

CVSS 4 · AI score 7 · EPSS 0.00258
Exploits 0 · References 1
Vulnrichment
added 2023/03/13 8:22 p.m. · 7 views

CVE-2023-0350

Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type...

CVSS 6.5 · AI score 6.8 · EPSS 0.00258
Exploits 0 · References 1
Cvelist
added 2023/03/13 8:22 p.m. · 16 views

CVE-2023-0350

Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type...

CVSS 6.5 · AI score 6.6 · EPSS 0.00258
Exploits 0 · References 1
Prion
added 2023/03/13 5:15 p.m. · 14 views

Input validation

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...

CVSS 6.5 · AI score 8.8 · EPSS 0.01645
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/13 4:03 p.m. · 4 views

CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...

AI score 8.8 · EPSS 0.01645
Exploits 1 · References 1
Cvelist
added 2023/03/13 4:03 p.m. · 29 views

CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...

AI score 9 · EPSS 0.01645
Exploits 1 · References 1
Positive Technologies
added 2023/03/13 12:00 a.m. · 3 views

PT-2023-16292 · WordPress · Auto Featured Image

Name of the Vulnerable Software and Affected Versions: Auto Featured Image (Auto Post Thumbnail) WordPress plugin, versions prior to 3.9.16. Description: The issue is caused by incorrect file extension validation, allowing any user with at least Author privileges to upload arbitrary files, such as PH...

CVSS 8.8 · AI score 8.8 · EPSS 0.01645
Exploits 1 · References 5
SUSE CVE
added 2023/02/15 6:19 a.m. · 3 views

SUSE CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...

CVSS 5.1 · AI score 7.6 · EPSS 0.03256
Exploits 1 · References 4
SUSE CVE
added 2023/02/15 6:11 a.m. · 1 view

SUSE CVE-2007-3845

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant ...

CVSS 9.3 · AI score 9 · EPSS 0.05699
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 4:39 a.m. · 3 views

SUSE CVE-2017-14604

GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus provides no UI...

CVSS 4.8 · AI score 6.8 · EPSS 0.02471
Exploits 1 · References 6
SUSE CVE
added 2023/02/15 4:08 a.m. · 2 views

SUSE CVE-2019-15613

A bug in Nextcloud Server 17.0.1 causes the workflow rules to base their behaviour on the file extension when checking file mimetypes...

CVSS 8 · AI score 7.7 · EPSS 0.0113
Exploits 0 · References 5
SUSE CVE
added 2023/02/15 3:45 a.m. · 1 view

SUSE CVE-2021-23180

A flaw was found in htmldoc in v1.9.12 and before. A null pointer dereference in fileextension, in file.c, may lead to arbitrary code execution and denial of service...

CVSS 7.8 · AI score 7.6 · EPSS 0.01268
Exploits 1 · References 3
CNNVD
added 2023/02/03 12:00 a.m. · 2 views

portfolioCMS race condition vulnerability

PortfolioCMS is a Bootstrap portfolio website with an admin panel. A race condition vulnerability exists in portfolioCMS version 1.0.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the fileExt parameter of localhost/admin/uploads.php...

CVSS 8.1 · AI score 7.8 · EPSS 0.00789
Exploits 1 · References 2