
3575 matches found

VulnCheck KEV
added 2024/03/28 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2006-2529

editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658...

CVSS 5 · AI score 5.9 · EPSS 0.06744
Exploits 1 · References 1
CNNVD
added 2024/03/27 12:0 a.m. · 3 views

WordPress Plugin The Plus Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 8.8 · AI score 8.4 · EPSS 0.00594
Exploits 0 · References 3
CNNVD
added 2024/03/26 12:0 a.m. · 4 views

WordPress Plugin Toolset Types Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in...

CVSS 7.2 · AI score 8.2 · EPSS 0.00758
Exploits 0 · References 2
OSV
added 2024/03/25 8:27 p.m. · 21 views

CVE-2024-29179 phpMyFAQ Stored Cross-site Scripting at File Attachments

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. An attacker with admin privileges can upload an attachment containing JS code without extension and the application will render it as HTML which allows for XSS attacks...

CVSS 4.3 · AI score 4.8 · EPSS 0.00508
Exploits 1 · References 3
CNNVD
added 2024/03/25 12:0 a.m. · 2 views

Twenty Security Vulnerability

Twenty is an open source CRM platform from Twenty. A security vulnerability exists in Twenty version 0.3.0, which stems from an easy server-side request forgery attack via file uploads...

CVSS 5.4 · AI score 6.9 · EPSS 0.00411
Exploits 1 · References 3
NVD
added 2024/03/24 8:15 p.m. · 16 views

CVE-2024-29034

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. The vulnerability CVE-2023-49090 wasn't fully addressed. This vulnerability is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value tha...

CVSS 6.8 · AI score 6.2 · EPSS 0.0044
Exploits 0 · References 2
UbuntuCve
added 2024/03/24 8:15 p.m. · 15 views

CVE-2024-29034

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. The vulnerability CVE-2023-49090 wasn't fully addressed. This vulnerability is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value tha...

CVSS 6.8 · AI score 6.6 · EPSS 0.0044
Exploits 0 · References 3
CVE
added 2024/03/24 7:27 p.m. · 76 views

CVE-2024-29034

CVE-2024-29034 affects CarrierWave (Rails/Sinatra file uploads). The issue arises from a Content-Type allowlist bypass when uploading to object storage (e.g., S3): multiple comma-separated values can bypass the allowlist, enabling possible XSS. The vulnerability references CVE-2023-49090 and is a...

CVSS 6.8 · AI score 6.2 · EPSS 0.00613
Exploits 0 · References 2 · Affected Software 1
Debian CVE
added 2024/03/24 7:27 p.m. · 19 views

CVE-2024-29034

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. The vulnerability CVE-2023-49090 wasn't fully addressed. This vulnerability is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value tha...

CVSS 6.8 · AI score 6.3 · EPSS 0.0044
Exploits 0
OSV
added 2024/03/24 7:27 p.m. · 40 views

CVE-2024-29034 CarrierWave's Content-Type allowlist bypass vulnerability which possibly leads to XSS remained

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. The vulnerability CVE-2023-49090 wasn't fully addressed. This vulnerability is caused by the fact that when uploading to object storage, including Amazon S3, it is possible to set a Content-Type value tha...

CVSS 6.8 · AI score 6.3 · EPSS 0.0044
Exploits 0 · References 4
OSV
added 2024/03/21 9:31 p.m. · 4 views

GHSA-3X9G-XFJ5-FQ84 Duplicate Advisory: Cross-Site Request Forgery in Gradio

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-48cq-79qq-6f7x. This link is maintained to preserve external references. Original Description: A Cross-Site Request Forgery gives attackers the ability to upload many large files to a victim, if they are running...

CVSS 4.3 · AI score 5.7 · EPSS 0.00352
Exploits 1 · References 5
CNNVD
added 2024/03/21 12:0 a.m. · 2 views

OpenText PVCS Version Manager Security Vulnerability

OpenText PVCS Version Manager is a version control software from OpenText, Inc. A security vulnerability exists in OpenText PVCS Version Manager that stems from the presence of weak access control that could bypass authentication for file uploads...

CVSS 9.8 · AI score 6.9 · EPSS 0.00697
Exploits 0 · References 2
CNNVD
added 2024/03/21 12:0 a.m. · 1 views

MISP Security Vulnerability

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics with features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.187 that stems from...

CVSS 9.8 · AI score 6.7 · EPSS 0.00816
Exploits 0 · References 2
Positive Technologies
added 2024/03/21 12:0 a.m. · 6 views

PT-2024-18255 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: gradio versions prior to 4.19.2 Description: A Cross-Site Request Forgery CSRF issue allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an...

CVSS 4.3 · AI score 5 · EPSS 0.00352
Exploits 1 · References 15
Github Security Blog
added 2024/03/20 3:1 p.m. · 19 views

GeoServer Arbitrary file renaming vulnerability in REST Coverage/Data Store API

Summary An arbitrary file renaming vulnerability exists that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in ".zip". Details Store file uploads...

CVSS 6 · AI score 7.2 · EPSS 0.00694
Exploits 1 · References 7 · Affected Software 1
OSV
added 2024/03/20 3:1 p.m. · 22 views

GHSA-75M5-HH4R-Q9GX GeoServer Arbitrary file renaming vulnerability in REST Coverage/Data Store API

Summary An arbitrary file renaming vulnerability exists that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in ".zip". Details Store file uploads...

CVSS 6 · AI score 6 · EPSS 0.00694
Exploits 1 · References 7
NVD
added 2024/03/20 7:15 a.m. · 8 views

CVE-2024-1205

The Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the nouvellouploadcsvfile function in all versions up to, and including, 1.2.2. This...

CVSS 8.8 · AI score 8.9 · EPSS 0.01283
Exploits 0 · References 5
Cvelist
added 2024/03/20 6:48 a.m. · 12 views

CVE-2024-1205 Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring <= 1.2.2 - Authenticated (Subscriber+) Arbitrary File Upload

The Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the nouvellouploadcsvfile function in all versions up to, and including, 1.2.2. This...

CVSS 8.8 · AI score 9.1 · EPSS 0.01283
Exploits 0 · References 5
CVE
added 2024/03/20 6:48 a.m. · 88 views

CVE-2024-1205

The CVE-2024-1205 entry describes an Arbitrary File Upload vulnerability in the WordPress plugin Management App for WooCommerce (WEmanage App Worker). All versions up to and including 1.2.0 are affected. An authenticated user (Subscriber+) can call the CSV upload API without proper file-type vali...

CVSS 8.8 · AI score 7.9 · EPSS 0.01283
Exploits 0 · References 5 · Affected Software 1
CNNVD
added 2024/03/20 12:0 a.m. · 2 views

WordPress Plugin Management App for WooCommerce Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 8.8 · AI score 6.8 · EPSS 0.01283
Exploits 0 · References 4