3566 matches found

OSV
added 2021/01/26 6:16 p.m. · 3 views

CVE-2021-22697

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...

CVSS 7.8 · AI score 6.3
Exploits 0 · References 3

CNNVD
added 2021/01/26 12:00 a.m. · 1 view

Mozilla Firefox security vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A type confusion vulnerability exists in Mozilla Firefox when using the logical assignment operator, which prevents users from uploading files. No details of the vulnerability are provided at this time...

CVSS 6.5 · AI score 5.8 · EPSS 0.00137
Exploits 1 · References 8

OpenVAS
added 2021/01/25 12:00 a.m. · 15 views

Drupal 7.x, 8.x, 9.x Archive_Tar library Vulnerability (SA-CORE-2021-001) - Linux

Drupal is prone to a vulnerability in the Archive_Tar library. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software;...

CVSS 7.5 · AI score 7.3 · EPSS 0.71148
Exploits 1 · References 3

CNVD
added 2021/01/20 12:00 a.m. · 17 views

WordPress contact-form-7 code issue vulnerability

WordPress contact-form-7 is a WordPress Foundation plugin that provides forms for WordPress. A security vulnerability exists in contact-form-7, aka the Contact Form 7 plugin, prior to version 5.3.2 that allows unrestricted file uploads and remote code execution because file names may contain special...

CVSS 10 · AI score 7.5 · EPSS 0.88014
Exploits 4 · References 1

Drupal
added 2021/01/20 12:00 a.m. · 47 views

Drupal core - Critical - Third-party libraries - SA-CORE-2021-001

The Drupal project uses the PEAR Archive_Tar library, which has released a security update that impacts Drupal. For more information please see: CVE-2020-36193. Exploits may be possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them...

CVSS 7.5 · AI score 1.7 · EPSS 0.71148
Exploits 1 · References 16

CNVD
added 2021/01/18 12:00 a.m. · 2 views

Theonedev Onedev Code Issue Vulnerability

Theonedev Onedev is a Java-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. A code issue vulnerabili...

CVSS 10 · AI score 7.2 · EPSS 0.00345
Exploits 0 · References 1

RedHat Linux
added 2021/01/14 1:40 p.m. · 2 views

golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS

A flaw was found in the Go standard library packages before upstream versions 1.15 and 1.14.8. Both the net/http/cgi and net/http/fcgi packages use a default Content-Type response header value of "text/html", rather than "text/plain". This flaw allows an attacker to exploit this issue in...

CVSS 6.1 · AI score 7.3 · EPSS 0.0015
Exploits 2 · References 6

GithubExploit
added 2021/01/10 1:12 a.m. · 204 views

Exploit for Path Traversal in Apache Flink

CVE-2020-17518 Apache Flink RESTful API Arbitrary File Upload...

CVSS 9.1 · AI score 7.9 · EPSS 0.94342
Exploits 14

OSV
added 2021/01/07 9:15 p.m. · 1 view

CVE-2019-18643

Rock RMS versions before 8.10 and versions 9.0 through 9.3 fail to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to uplo...

CVSS 9.8 · AI score 6.3 · EPSS 0.01302
Exploits 1 · References 1

CNNVD
added 2021/01/04 12:00 a.m. · 4 views

Rock RMS code issue vulnerability

Rock RMS is a church management system. A security vulnerability exists in Rock RMS versions prior to 8.10 and versions 9.0 through 9.3. The vulnerability stems from an inability to properly validate files uploaded in the application. The only protection mechanism is a file extension blacklist,...

CVSS 9.8 · AI score 7.8 · EPSS 0.01302
Exploits 1 · References 2

NVD
added 2020/12/31 3:15 a.m. · 19 views

CVE-2018-16795

OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/managesitefiles.php to upload a .php file...

CVSS 8.8 · AI score 8.8 · EPSS 0.00019
Exploits 1 · References 2

Prion
added 2020/12/18 10:15 a.m. · 15 views

Design/Logic Flaw

tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the browser client-side and can be circumvented. This allows an attacker to upload any file as an...

CVSS 6.5 · AI score 8.5 · EPSS 0.00423
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2020/12/18 9:27 a.m. · 11 views

CVE-2020-26174

tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the browser client-side and can be circumvented. This allows an attacker to upload any file as an...

CVSS 8.8 · AI score 8.6 · EPSS 0.00423
Exploits 1 · References 2
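
The Rock RMS entries above describe an extension blacklist defeated by trailing spaces and periods, and the tangro entries describe an allowlist enforced only in the browser. The following is an added example (not code from Rock RMS, tangro, or any product listed here) that puts a naive server-side blocklist next to a hardened allowlist check. The blocklist contents, the allowlist, the magic-byte table and the sample filenames are assumptions chosen for illustration; the trailing-character stripping in windows_stored_name mirrors Win32 file-naming rules.

```python
"""Server-side upload validation: a naive extension blocklist beside a
hardened allowlist-plus-normalisation check (added example, not from any
product in this listing)."""
import os
import secrets
import unicodedata
from typing import Optional

# Assumed blocklist of the kind a naive "deny dangerous extensions" filter uses.
BLOCKLIST = {".php", ".phtml", ".asp", ".aspx", ".ashx", ".jsp"}

# Assumed allowlist of extensions the application actually needs, mapped to
# the leading bytes a genuine file of that type must start with.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}


def blocklist_check(filename: str) -> bool:
    """Vulnerable: accepts anything whose *last* extension is not denied.
    'shell.aspx . . ' has the extension '. ' as far as splitext is concerned."""
    ext = os.path.splitext(filename)[1].lower()
    return ext not in BLOCKLIST


def windows_stored_name(filename: str) -> str:
    """Win32 path rules drop trailing spaces and periods when a file is
    created, so the name the filter inspected is not the name on disk."""
    return filename.rstrip(" .")


def validate_upload(filename: str, head: bytes) -> Optional[str]:
    """Hardened: returns the allowed extension to store under, or None.
    Runs entirely on the server; a browser-side copy of this logic, as in the
    tangro entries above, is trivially bypassed by editing the request."""
    name = unicodedata.normalize("NFKC", filename)
    # Control characters (tab, NUL, newline) have no place in a filename and
    # are a classic way to confuse extension parsing downstream.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in name):
        return None
    # No path components: the client name never chooses a directory.
    if "/" in name or "\\" in name:
        return None
    # Strip what the filesystem would strip anyway, *then* parse the extension.
    name = name.rstrip(" .")
    if not name or name.startswith("."):
        return None
    # Exactly one extension: rejects "shell.php.png" style double extensions.
    stem, ext = os.path.splitext(name)
    if "." in stem:
        return None
    ext = ext.lower()
    magics = ALLOWED.get(ext)
    # Allowlist the extension and require matching leading bytes.
    if magics is None or not any(head.startswith(m) for m in magics):
        return None
    return ext


def stored_name(ext: str) -> str:
    """Never reuse the client's name; the stored name carries only the
    validated extension."""
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    # Constructed sample inputs.
    evil = "shell.aspx . . "
    print(blocklist_check(evil), repr(windows_stored_name(evil)))
    print(validate_upload(evil, b"<%@ Page %>"))
    print(validate_upload("photo.JPG", b"\xff\xd8\xff\xe0"))
```

The blocklist passes the padded name and the filesystem then quietly saves it as shell.aspx; the hardened check normalises first, allowlists the extension, verifies the leading bytes, and discards the client-supplied name entirely.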

CNNVD
added 2020/12/17 12:00 a.m. · 1 view

WordPress contact-form-7 code issue vulnerability

WordPress contact-form-7 is a WordPress Foundation plugin that provides forms for WordPress. A security vulnerability exists in contact-form-7, aka the Contact Form 7 plugin, prior to version 5.3.2 that allows unrestricted file uploads and remote code execution because file names may contain special...

CVSS 10 · AI score 7.9 · EPSS 0.88014
Exploits 4 · References 6

Positive Technologies
added 2020/12/17 12:00 a.m. · 11 views

PT-2020-6885 · WordPress · Contact Form 7

Name of the Vulnerable Software and Affected Versions: Contact Form 7 versions prior to 5.3.2 Description: The issue is related to an Unrestricted File Upload vulnerability in the Contact Form 7 plugin for WordPress, which can lead to remote code execution. This is because a filename may contain...

CVSS 10 · AI score 8.4 · EPSS 0.88014
Exploits 4 · References 22

Japan Vulnerability Notes
added 2020/12/15 6:41 a.m. · 1 view

Multiple vulnerabilities in GROWI

Overview: GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Denial-of-service (DoS) due to improper verification of input values (CWE-400) - CVE-2020-5682. Directory traversal due to improper verification of uploaded files (CWE-22) - CVE-2020-5683. These vulnerabilities were...

CVSS 7.5 · AI score 6.7 · EPSS 0.00957
Exploits 0 · References 8

NVD
added 2020/12/09 5:15 p.m. · 16 views

CVE-2020-26828

SAP Disclosure Management, version 10.1, provides capabilities for authorized users to upload and download content of specific file types. In some file types it is possible to enter formulas which can call external applications or execute scripts. The execution of a payload script on target...

CVSS 6.4 · AI score 5.8 · EPSS 0.00318
Exploits 0 · References 2

NVD
added 2020/12/01 4:15 p.m. · 9 views

CVE-2020-28970

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie. In addition, an upload endpoint could then be used by an authenticated...

CVSS 9.8 · AI score 9.7 · EPSS 0.03621
Exploits 0 · References 3

OpenVAS
added 2020/11/30 12:00 a.m. · 19 views

Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-013) - Windows

Drupal is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:drupal:drupal";...

CVSS 7.8 · AI score 8.2 · EPSS 0.93364
Exploits 5 · References 3

OSV
added 2020/11/25 11:57 p.m. · 1 view

DRUPAL-CORE-2020-013

The Drupal project uses the PEAR Archive\Tar library. The PEAR Archive\Tar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...

CVSS 7.8 · AI score 6.8 · EPSS 0.93364
Exploits 5 · References 1