
3566 matches found

Cvelist
added 2020/07/15 8:57 p.m. | 23 views

CVE-2020-9309

Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions for example HTML code in a TXT file. When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Upload...

AI score 8.8 | EPSS 0.00727
Exploits: 0 | References: 1
Tenable Nessus
added 2020/07/09 12:00 a.m. | 49 views

SUSE SLES15 Security Update : php7 (SUSE-SU-2020:1661-1)

This update for php7 fixes the following issues : Security issue fixed : CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

CVSS 5.3 | AI score 7 | EPSS 0.12716
Exploits: 1 | References: 4
Veracode
added 2020/06/25 8:57 a.m. | 46 views

Insecure Direct Object Reference

telerik.web.ui is vulnerable to insecure direct object reference. User input is not validated and used directly by RadAsyncUpload without modification or validation. This can potentially result in arbitrary file uploads and execution of arbitrary code...

CVSS 9.8 | AI score 3.9 | EPSS 0.93676
Exploits: 5 | References: 3 | Affected Software: 2
OpenVAS
added 2020/06/23 12:00 a.m. | 47 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:0847-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.3 | AI score 6.7 | EPSS 0.12716
Exploits: 1 | References: 2
OPENSUSE Linux
added 2020/06/22 12:00 a.m. | 56 views

Security update for php7 (moderate)

openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:0847-1 Rating: moderate References: 1171999 Cross-References: CVE-2019-11048 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for php7 fixes...

CVSS 5.3 | AI score 6.5 | EPSS 0.12716
Exploits: 1 | References: 1
VulnCheck KEV
added 2020/06/19 12:00 a.m. | 0 views

VulnCheck KEV: CVE-2017-11317

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code...

CVSS 9.8 | AI score 7.7 | EPSS 0.91967
Exploits: 8 | References: 1
RedHat Linux
added 2020/06/10 11:23 p.m. | 0 views

libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS

A heap-buffer out-of-bounds read flaw was found in libexif's MakerNote tag parser. This flaw allows an unauthenticated attacker or authenticated attacker with low privileges to exploit the flaw remotely in an application that uses libexif to process EXIF data from media files if the file upload i...

CVSS 9.1 | AI score 7.2 | EPSS 0.00972
Exploits: 0 | References: 4
OSV
added 2020/06/05 10:47 a.m. | 4 views

SUSE-SU-2020:1545-1 Security update for php7

This update for php7 fixes the following issues: Security issue fixed: - CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads bsc1171999...

CVSS 5.3 | AI score 6 | EPSS 0.12716
Exploits: 1 | References: 3
OSV
added 2020/06/03 10:15 p.m. | 10 views

CVE-2020-5297

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server...

CVSS 2.7 | AI score 6.9
Exploits: 0 | References: 4
Huntr
added 2020/06/01 12:00 a.m. | 23 views

Denial of Service in manolo/gwtupload

Overview com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process file size, bytes transferred, etc. Affected versions of this package are vulnerable to Denial of Service DoS. server/UploadServlet.java the...

CVSS 5 | AI score 1.9 | EPSS 0.00497
Exploits: 1 | References: 2
NVD
added 2020/05/20 8:15 a.m. | 22 views

CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleanin...

CVSS 5.3 | AI score 6.3 | EPSS 0.12716
Exploits: 1 | References: 13
Prion
added 2020/05/20 8:15 a.m. | 21 views

Design/Logic Flaw

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleanin...

CVSS 5 | AI score 6.1 | EPSS 0.12716
Exploits: 1 | References: 13 | Affected Software: 1
Debian CVE
added 2020/05/20 7:15 a.m. | 50 views

CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleanin...

CVSS 5.3 | AI score 6.8 | EPSS 0.12716
Exploits: 1
CVE
added 2020/05/20 7:15 a.m. | 1001 views

CVE-2019-11048

CVE-2019-11048 affects PHP mainline releases where HTTP file uploads are allowed: PHP 7.2.x below 7.2.31, 7.3.x below 7.3.18, and 7.4.x below 7.4.6. The flaw allows overly long filenames or field names to trigger memory allocation that exceeds limits, causing the engine to stop processing and fai...

CVSS 5.3 | AI score 6.4 | EPSS 0.12716
Exploits: 1 | References: 13 | Affected Software: 1
Exploit DB
added 2020/05/19 12:00 a.m. | 1383 views

Victor CMS 1.0 - Authenticated Arbitrary File Upload

Exploit Title: Victor CMS 1.0 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on:...

AI score 7.4
Exploits: 0
OSV
added 2020/05/18 7:15 p.m. | 1 views

CVE-2020-13145

Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "ContentFile Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS...

CVSS 5.4 | AI score 6.1
Exploits: 0 | References: 1
NVD
added 2020/05/18 7:15 p.m. | 8 views

CVE-2020-13145

Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "ContentFile Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS...

CVSS 5.4 | AI score 5.5 | EPSS 0.00206
Exploits: 1 | References: 1
Prion
added 2020/05/18 7:15 p.m. | 13 views

Cross site scripting

Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "ContentFile Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS...

CVSS 3.5 | AI score 5.5 | EPSS 0.00206
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2020/05/18 6:24 p.m. | 81 views

CVE-2020-13145

CVE-2020-13145 affects Open edX Studio (Ironwood 2.5). The vulnerability arises from allowing SVG file uploads via the Content > File Uploads screen, where uploaded SVGs can contain JavaScript and trigger Stored XSS. Multiple connected sources corroborate the same description, noting lack of p...

CVSS 5.4 | AI score 5.5 | EPSS 0.00206
Exploits: 1 | References: 1 | Affected Software: 1
BDU FSTEC
added 2020/05/15 12:00 a.m. | 2 views

The vulnerability of the ColdFusion interpreter lies in the lack of restrictions on file uploads, which allows attackers to execute arbitrary code.

The vulnerability of the ColdFusion interpreter lies in the lack of restrictions on the download of files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8.5 | EPSS 0.94393
Exploits: 11 | References: 6 | Affected Software: 1