GHSA-WJX8-CGRM-HH8P Unrestricted file uploads in Contao
Impact A back end user with access to the form generator can upload arbitrary files and execute them on the server. Patches Update to Contao 4.4.46 or 4.8.6. Workarounds Configure your web server so it does not execute PHP files and other scripts in the Contao file upload directory. References...
typo3 -- multiple vulnerabilities
Typo3 core team reports: It has been discovered that the output of field validation errors in the Form Framework is vulnerable to cross-site scripting. It has been discovered that t3:// URL handling and typolink functionality are vulnerable to cross-site scripting. Not only regular backend forms...
AUO SunVeillance Monitoring System Code Issue Vulnerabilities
AUO SunVeillance Monitoring System is an intelligent cloud-based PV monitoring solution from AUO Taiwan. AUO SunVeillance Monitoring System v1.1.9e is vulnerable to a code issue in the PictureManagemvc.aspx file. An attacker can exploit this vulnerability to upload files via modified authorizatio...
The vulnerability of the openregion.security module of the “Open Region” platform, which arises due to insufficient validation of input data, allows attackers to execute arbitrary code or carry out cross-site scripting attacks.
The vulnerability of the “Open Region” platform exists due to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or perform a cross-site scripting attack by uploading files with extensions .pht, .php7, .php5, .php3, .php4,...
UBUNTU-CVE-2019-18180
Improper Check for filenames with overly long extensions in PostMaster sending in email or uploading files, e.g. attaching files to mails, of OTRS Community Edition and OTRS allows a remote attacker to cause an endless loop. This issue affects: OTRS AG: OTRS Community Edition 5.0.x version 5.0.38...
CVE-2019-18180
Improper Check for filenames with overly long extensions in PostMaster sending in email or uploading files, e.g. attaching files to mails, of OTRS Community Edition and OTRS allows a remote attacker to cause an endless loop. This issue affects: OTRS AG: OTRS Community Edition 5.0.x version 5.0.38...
CVE-2019-19493
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS...
Cross site scripting
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS...
Centraleyezer File Upload Vulnerability
Centraleyezer is a vulnerability tracking and management platform. The platform is used for vulnerability reporting, prioritization, escalation and tracking of vulnerabilities. A security vulnerability exists in Centraleyezer. An attacker can exploit the vulnerability to upload dangerous types of...
Dell EMC VMAX Virtual Appliance Manager Directory Traversal (CVE-2018-1215)
A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...
Improper access control
An issue was discovered in PictureManagemvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter...
Portainer Directory Traversal Vulnerability
Portainer is an open source lightweight management UI that allows you to easily manage docker hosts or clusters. A directory traversal vulnerability exists in Portainer versions prior to 1.22.1. An attacker can exploit this vulnerability to upload files to arbitrary locations...
AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control
Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions...
CVE-2019-16700
The slubevents aka SLUB: Event Registration extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. For versions 1.2.2 and below, this results in Remote Code Execution. In versions later than 1.2.2, this can result in Denial of Service, since the web space can be...
Cross site scripting
Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack...
CVE-2019-15131
In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42 servers, which could...
CVE-2017-18592
The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wpupload directory for file uploads...
CVE-2017-18592
The CVE-2017-18592 vulnerability affects the WordPress plugin woocommerce-catalog-enquiry (versions older than 3.1.0). The issue is an incorrect wp_upload directory used for file uploads, enabling an improper file placement path. Related sources describe this as an Arbitrary File Upload risk, wit...