3575 matches found

Positive Technologies · added 2022/10/17 12:00 a.m.

PT-2022-26210 · Chamilo · Chamilo

Name of the Vulnerable Software and Affected Versions: Chamilo version 1.11.16 Description: The issue allows authenticated users with access to 'big file uploads' to copy or move files from anywhere in the file system into the web directory. This is due to an authenticated local file inclusion...

CVSS 8.8 · AI score 8.3 · EPSS 0.00702
Exploits 0 · References 4
Vulnrichment · added 2022/10/17 12:00 a.m.

CVE-2022-42029

Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory...

AI score 6.4 · EPSS 0.00702
Exploits 0 · References 1
CNNVD · added 2022/10/03 12:00 a.m.

WordPress plugin Frontend File Manager code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress Frontend File Manager versions prior to 21.3 are vulnerable to arbitrary file uploads, whi...

CVSS 8.8 · AI score 7.3 · EPSS 0.01113
Exploits 2 · References 2
Vulnrichment · added 2022/09/27 1:55 a.m.

CVE-2022-37346

EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative...

AI score 9.7 · EPSS 0.00956
Exploits 0 · References 2
IBM Security Bulletins · added 2022/09/23 6:10 a.m.

Security Bulletin: IBM Sterling Partner Engagement Manager vulnerable to denial of service due to Apache Shiro (CVE-2022-32532)

Summary: IBM Sterling Partner Engagement Manager uses Apache Shiro library 1.9.1, where a RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. The issue has been addressed. Vulnerability Details: CVEID: CVE-2022-22970 DESCRIPTION: Vmware Tanzu Spring Framework is...

CVSS 9.8 · AI score 6.9 · EPSS 0.20102
Exploits 1 · Affected Software 1
CNNVD · added 2022/09/20 12:00 a.m.

Cloudreve cross-site scripting vulnerability

Cloudreve is an open source public cloud file system that supports multiple cloud storage drives. A cross-site scripting vulnerability exists in Cloudreve versions v1.0.0 through v3.5.3. The vulnerability stems from a cross-site scripting (XSS) vulnerability via the file...

CVSS 5.4 · AI score 5.4 · EPSS 0.00447
Exploits 1 · References 2
CNNVD · added 2022/09/16 12:00 a.m.

EspoCRM code issue vulnerability

EspoCRM is an open source web-based customer relationship management (CRM) system. The system provides features such as sales automation, community and customer support. A code issue vulnerability exists in EspoCRM version 7.1.8, which stems from unrestricted file uploads and allow...

CVSS 8.8 · AI score 8.2 · EPSS 0.01109
Exploits 1 · References 2
IBM Security Bulletins · added 2022/09/14 10:39 p.m.

Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service due to Spring Framework (CVE-2022-22970)

Summary: Spring Framework is vulnerable to a denial of service, caused by a flaw in the handling of file uploads. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. IBM Sterling Control Center uses Spring...

AI score 6.8 · EPSS 0.01853
Exploits 1 · Affected Software 1
OSV · added 2022/09/14 11:15 a.m.

CVE-2022-36667

Garage Management System 1.0 is vulnerable to Remote Code Execution (RCE) due to the lack of filtering in the file upload function. The vulnerability exists when adding parts, and from the upload function the attacker can upload a PHP reverse shell straight away to gain RCE...

CVSS 8.8 · AI score 5.9 · EPSS 0.24358
Exploits 2 · References 2
CNNVD · added 2022/09/14 12:00 a.m.

Garage Management System code issue vulnerability

SourceCodester Garage Management System Cms-Website is a garage management system by the individual developer mayurik. It helps you to manage all your vehicles, cars and motorcycles. A security vulnerability exists in Garage Management System version 1.0, which stems from a lack of file upload filterin...

CVSS 8.8 · AI score 7.1 · EPSS 0.24358
Exploits 2 · References 3
CNNVD · added 2022/09/14 12:00 a.m.

axum security vulnerability

axum is an open source web application framework from the Tokio project, focused on ergonomics and modularity. A security vulnerability exists in axum that stems from the fact that it does not limit the size of files, causing it to run out of memory and crash...

CVSS 7.5 · AI score 7.3 · EPSS 0.00797
Exploits 1 · References 3
Prion · added 2022/09/06 9:15 p.m.

Design/Logic Flaw

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

CVSS 4.6 · AI score 7.7 · EPSS 0.01062
Exploits 0 · References 3 · Affected Software 1
CVE · added 2022/09/06 9:05 p.m.

CVE-2022-36065

GrowthBook (self-hosted) prior to 2022-08-29 is affected by an account creation and arbitrary file-upload vulnerability that can lead to remote code execution if a Python script is uploaded to an arbitrary directory inside the container. Exploitation requires all of: self-hosted deployment (Growt...

CVSS 7.5 · AI score 7.6 · EPSS 0.01062
Exploits 0 · References 3 · Affected Software 1
OSV · added 2022/09/06 9:05 p.m.

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

CVSS 7.5 · AI score 7.8 · EPSS 0.01062
Exploits 0 · References 5
Positive Technologies · added 2022/09/06 12:00 a.m.

PT-2022-23153 · Unknown · Growthbook

Name of the Vulnerable Software and Affected Versions: GrowthBook versions prior to 2022-08-29 Description: GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations, attackers can register new accounts and upload files to arbitrary directori...

CVSS 7.5 · AI score 7.7 · EPSS 0.01062
Exploits 0 · References 7
Positive Technologies · added 2022/08/31 12:00 a.m.

PT-2022-23861 · Unknown · Garage Management System

Name of the Vulnerable Software and Affected Versions: Garage Management System version 1.0 Description: The application manage website.php is vulnerable to Shell File Upload. An already authenticated malicious user can upload a dangerous Remote Code Execution RCE or Local Code Execution LCE...

CVSS 8.8 · AI score 8.7 · EPSS 0.00963
Exploits 1 · References 4
OpenVAS · added 2022/08/26 12:00 a.m.

Ubuntu: Security Advisory (USN-5269-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 7 · EPSS 0.49246
Exploits 1 · References 2
NVD · added 2022/08/22 3:15 p.m.

CVE-2022-2594

The Advanced Custom Fields WordPress plugin before 5.12.3 and Advanced Custom Fields Pro WordPress plugin before 5.12.3 allow unauthenticated users to upload files of the types allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced i...

CVSS 8.8 · EPSS 0.01192
Exploits 2 · References 2
Prion · added 2022/08/22 3:15 p.m.

Design/Logic Flaw

The Advanced Custom Fields WordPress plugin before 5.12.3 and Advanced Custom Fields Pro WordPress plugin before 5.12.3 allow unauthenticated users to upload files of the types allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced i...

CVSS 6.8 · AI score 8.6 · EPSS 0.01192
Exploits 2 · References 2 · Affected Software 1
ICS · added 2022/08/16 12:00 a.m.

Emerson Proficy Machine Edition

1. EXECUTIVE SUMMARY: CVSS v3 6.6. ATTENTION: Exploitable remotely/Low attack complexity. Vendor: Emerson. Equipment: Proficy Machine Edition. Vulnerabilities: Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of...

CVSS 7.8 · AI score 6.9 · EPSS 0.00352
Exploits 0 · References 4