970 matches found
PT-2024-12315 · IBM · IBM Security Verify Access Appliance +1
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue is due to improper file validation, which could allow a user to download files...
CVE-2023-5841
Due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, Academy Software Foundation OpenEXR image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
Input validation
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'viewpage' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to uploa...
Contact Form Entries < 1.3.3 - Admin+ Arbitrary File Upload
Description: The plugin is vulnerable to arbitrary file uploads due to insufficient file validation on the 'viewpage' function, allowing authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code...
CVE-2023-47115
Label Studio is a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as an HTML file on the website. Executing arbitrary...
CVE-2023-47115 Label Studio XSS Vulnerability on Avatar Upload
Label Studio is a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as an HTML file on the website. Executing arbitrary...
Unlimited Addons for WPBakery Page Builder <= 1.0.42 - Authenticated (Editor+) Arbitrary File Upload
Description: The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role...
Design/Logic Flaw
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files...
CVE-2023-49801
CVE-2023-49801 describes a vulnerability in Lif Auth Server affecting the get_pfp and get_banner routes. The issue arises from missing validation of the files delivered through these URLs, potentially allowing an attacker to access files they should not access. Multiple connected sources confirm ...
CVE-2023-6266
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...
CVE-2023-6220 Piotnet Forms <= 1.0.28 - Unauthenticated Arbitrary File Upload
The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'piotnetformsajaxformbuilder' function in versions up to, and including, 1.0.28. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
CVE-2023-6558 Export and Import Users and Customers <= 2.4.8 - Authenticated (Shop Manager+) Arbitrary File Upload
The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'uploadimportfile' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attackers with shop manager-level...
CVE-2023-6266 Backup Migration <= 1.3.6 - Unauthenticated Arbitrary Backup Download to Sensitive Information Exposure
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...
WordPress Plugin Backup Migration Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. A WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Code injection
The Ni Purchase Order (PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing a high-privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell...
Stored Cross Site Scripting (XSS)
class.upload.php is vulnerable to Stored Cross Site Scripting. The vulnerability is due to improper validation on uploaded files. This issue can be exploited by an attacker via uploading malicious files leading to the execution of arbitrary JavaScript...
CVE-2023-5991
The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server...
Remote code execution
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions when uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution...