Lucene search
+L

73 matches found

OSV
OSV
added 2021/11/16 11:40 p.m.7 views

GHSA-364W-9G92-3GRQ Withdrawn: Laravel Framework does not sufficiently block the upload of executable PHP content.

Withdrawn This advisory has been withdrawn after the maintainers of Laravel noted this issue is not a security vulnerability with Laravel itself, but rather a userland issue. Original CVE based description Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP...

9.8CVSS9.5AI score0.1981EPSS
Exploits1References7
OSV
OSV
added 2021/10/31 3:8 p.m.7 views

OPENSUSE-SU-2021:1424-1 Security update for civetweb

This update for civetweb fixes the following issues: Version 1.15: boo1191938 / CVE-2020-27304: missing uploaded filepath validation in the default form-based file upload mechanism New configuration for URL decoding Sanitize filenames in handle form Example “embeddedc.c”: Do not overwrite files...

9.8CVSS9.6AI score0.03138EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.6 views

ZOHO ManageEngine ADManager Plus 代码问题漏洞

Zoho ManageEngine ADManager Plus is an easy-to-use Windows Active Directory management and reporting solution. A remote code execution vulnerability exists in Zoho ManageEngine ADManager Plus Build 7111, which stems from not properly validating file uploads in the PasswordExpiry interface and can...

8.8CVSS6.7AI score0.3162EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.7 views

ZOHO ManageEngine ADManager Plus 代码问题漏洞

Zoho ManageEngine ADManager Plus is an easy-to-use Windows Active Directory management and reporting solution. A remote code execution vulnerability exists in Zoho ManageEngine ADManager Plus Build 7111, which stems from not properly validating file uploads in the Personalization interface and ca...

8.8CVSS6.7AI score0.16041EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.5 views

Tenable Network Security Nessus 代码问题漏洞

Tenable Network Security Nessus is an open source system vulnerability scanner from US-based Tenable Network Security. A code issue vulnerability exists in Nessus Agent, which stems from the program's insufficient validation of files during file uploads, allowing a remote administrator user to...

8.5CVSS6.7AI score0.01294EPSS
Exploits0References4
CVE
CVE
added 2020/08/25 8:21 p.m.64 views

CVE-2020-15641

CVE-2020-15641 affects Marvell QConvergeConsole 5.5.0.64. The vulnerability is a directory traversal flaw in the getFileUploadBytes method of the FlashValidatorServiceImpl class, caused by insufficient validation of a user-supplied path before file operations. This allows remote attackers to disc...

7.5CVSS7.3AI score0.03217EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/05/18 3:15 p.m.5 views

CVE-2020-12255

rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to...

8.8CVSS7.9AI score0.52582EPSS
Exploits0References1
Veracode
Veracode
added 2020/01/17 5:8 a.m.16 views

Unrestricted File Upload

verot/class.upload.php allows unrestricted file upload. The lack of file extension validation on file uploads allow a remote attacker to upload malicious files ending with .phar. When browsing to the uploaded file, the server executes the code in the file in the context of the server...

9.8CVSS3.6AI score0.26184EPSS
Exploits7References12Affected Software1
NVD
NVD
added 2018/02/18 6:29 a.m.16 views

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

8.8CVSS8.7AI score0.01876EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/06/05 12:0 a.m.40 views

rubygem-paperclip -- validation bypass vulnerability

Jon Yurek reports: Thanks to MORI Shingo of DeNA Co., Ltd. for reporting this. There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being image/jpeg, this will bypass a validation checking for images. But it will also pass the spoof check,...

4.3CVSS9.1AI score0.02121EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.26 views

HP ArcSight Logger < 6.0P1 Multiple Vulnerabilities

According to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is prior to 6.0P1. It is, therefore, affected by the following vulnerabilities : - An XXE injection vulnerability exists due to the improper verification of sources. An authenticated,...

9CVSS6.2AI score0.117EPSS
Exploits2References2
seebug.org
seebug.org
added 2014/09/15 12:0 a.m.67 views

php云人才系统 小漏洞一步步getshell(后台)

简要描述: php云人才系统 小漏洞一步步getshell,这里包含了php与mysql交互时候的特性(也算一个漏洞),还有phpyun自身图片的验证机制问题,等等,步骤比较艰辛,本来想在这里搞一个csrf呢,找了半天没有找到,到时找到一大堆xss,这里就不利用xss了,且看分析 详细说明: 首先我们做一个小测试: 对于mysql存储来说,建站者都会给每一个字段设置长度,然后当我们插入进去的数据长度超过了设置的长度,那么mysql是不会报错,然而会自然截断存储,这个就给我们编写程序的人留下了隐患。 利用场景分析...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/09/11 12:0 a.m.16 views

anwsion问答系统存在任意文件上传重大漏洞

简要描述: 上传只做了js验证貌似 详细说明: 本人只在topic话题下上传了,貌似头像上传那里也存在该问题(没测试) 点击话题图像,就可以编辑上传图像了。 使用火狐的TAMPER DATA插件,并打开开始截获。 选择一个2bb.jpg(内涵php一句话的正常图片即可 该文件目录内还有一个2bb.php(留作备用 在tamaper data内修改数据,把2bb.JPG改成2bb.php即可 就可以看到上传上去的php图片小马了,但是这个是经过处理的 只要把url后面的100X100参数或者50x50参数去除,就可以得到一个没有经过处理的PHP小马了。 漏洞证明: 官方已经拿到shell了...

7.1AI score
Exploits0
Rows per page
Query Builder