Lucene search
+L

209 matches found

Github Security Blog
Github Security Blog
added 2022/01/06 9:8 p.m.33 views

Unrestricted Upload of File with Dangerous Type in unisharp/laravel-filemanager

This affects the package unisharp/laravel-filemanager prior to version 2.6.2. The upload function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: - Install a package with a web Laravel application. - Navigate to the Upload...

8.8CVSS8.9AI score0.01821EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2021/11/16 11:40 p.m.7 views

GHSA-364W-9G92-3GRQ Withdrawn: Laravel Framework does not sufficiently block the upload of executable PHP content.

Withdrawn This advisory has been withdrawn after the maintainers of Laravel noted this issue is not a security vulnerability with Laravel itself, but rather a userland issue. Original CVE based description Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP...

9.8CVSS9.5AI score0.1981EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2021/11/16 11:40 p.m.45 views

Withdrawn: Laravel Framework does not sufficiently block the upload of executable PHP content.

Withdrawn This advisory has been withdrawn after the maintainers of Laravel noted this issue is not a security vulnerability with Laravel itself, but rather a userland issue. Original CVE based description Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP...

9.8CVSS1.1AI score0.1981EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2021/11/14 4:15 p.m.21 views

Input validation

Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for...

7.5CVSS9.5AI score0.1981EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/10/31 3:8 p.m.7 views

OPENSUSE-SU-2021:1424-1 Security update for civetweb

This update for civetweb fixes the following issues: Version 1.15: boo1191938 / CVE-2020-27304: missing uploaded filepath validation in the default form-based file upload mechanism New configuration for URL decoding Sanitize filenames in handle form Example “embeddedc.c”: Do not overwrite files...

9.8CVSS9.6AI score0.03138EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.6 views

ZOHO ManageEngine ADManager Plus 代码问题漏洞

Zoho ManageEngine ADManager Plus is an easy-to-use Windows Active Directory management and reporting solution. A remote code execution vulnerability exists in Zoho ManageEngine ADManager Plus Build 7111, which stems from not properly validating file uploads in the PasswordExpiry interface and can...

8.8CVSS6.7AI score0.3162EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.7 views

ZOHO ManageEngine ADManager Plus 代码问题漏洞

Zoho ManageEngine ADManager Plus is an easy-to-use Windows Active Directory management and reporting solution. A remote code execution vulnerability exists in Zoho ManageEngine ADManager Plus Build 7111, which stems from not properly validating file uploads in the Personalization interface and ca...

8.8CVSS6.7AI score0.16041EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/10/07 8:12 p.m.2 views

CVE-2021-38484

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in cross-site scriptin...

9.1CVSS7.3AI score0.02597EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.4 views

Tenable Network Security Nessus 代码问题漏洞

Tenable Network Security Nessus is an open source system vulnerability scanner from US-based Tenable Network Security. A code issue vulnerability exists in Nessus Agent, which stems from the program's insufficient validation of files during file uploads, allowing a remote administrator user to...

8.5CVSS6.7AI score0.01294EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2021/05/26 12:0 a.m.13 views

Gallery From Files <= 1.6.0 - Unauthenticated RCE

The upload feature of the plugin does not properly check for the allowed extensions, allowing them to be set in the request and attempting to remove the dangerous ones such as .php and .js, but forgetting about .php4, .html etc. As a result, unauthenticated users could upload arbitrary .php4 file...

0.1AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/14 12:0 a.m.2 views

PT-2020-13439 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A vulnerability was discovered in GitLab where the Conan package upload functionality did not properly validate the supplied...

7.2CVSS5.8AI score0.01242EPSS
Exploits0References11
CVE
CVE
added 2020/08/25 8:21 p.m.64 views

CVE-2020-15641

CVE-2020-15641 affects Marvell QConvergeConsole 5.5.0.64. The vulnerability is a directory traversal flaw in the getFileUploadBytes method of the FlashValidatorServiceImpl class, caused by insufficient validation of a user-supplied path before file operations. This allows remote attackers to disc...

7.5CVSS7.3AI score0.03217EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/05/18 3:15 p.m.4 views

CVE-2020-12255

rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to...

8.8CVSS7.9AI score0.52582EPSS
Exploits0References1
Veracode
Veracode
added 2020/01/17 5:8 a.m.16 views

Unrestricted File Upload

verot/class.upload.php allows unrestricted file upload. The lack of file extension validation on file uploads allow a remote attacker to upload malicious files ending with .phar. When browsing to the uploaded file, the server executes the code in the file in the context of the server...

9.8CVSS3.6AI score0.26184EPSS
Exploits7References12Affected Software1
NVD
NVD
added 2018/02/18 6:29 a.m.16 views

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

8.8CVSS8.7AI score0.01876EPSS
Exploits0References2
Prion
Prion
added 2018/01/23 1:29 a.m.13 views

Authentication flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within uploadsavedo.jsp. The issue results from the lack of proper validation of a...

7.5CVSS9.7AI score0.04849EPSS
Exploits0References2Affected Software1
Metasploit
Metasploit
added 2016/04/17 3:29 a.m.73 views

Advantech WebAccess Dashboard Viewer uploadImageCommon Arbitrary File Upload

This module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw...

9.8CVSS8AI score0.77044EPSS
Exploits5
FreeBSD
FreeBSD
added 2015/06/05 12:0 a.m.40 views

rubygem-paperclip -- validation bypass vulnerability

Jon Yurek reports: Thanks to MORI Shingo of DeNA Co., Ltd. for reporting this. There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being image/jpeg, this will bypass a validation checking for images. But it will also pass the spoof check,...

4.3CVSS9.1AI score0.02121EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.26 views

HP ArcSight Logger < 6.0P1 Multiple Vulnerabilities

According to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is prior to 6.0P1. It is, therefore, affected by the following vulnerabilities : - An XXE injection vulnerability exists due to the improper verification of sources. An authenticated,...

9CVSS6.2AI score0.117EPSS
Exploits2References2
seebug.org
seebug.org
added 2014/09/15 12:0 a.m.67 views

php云人才系统 小漏洞一步步getshell(后台)

简要描述: php云人才系统 小漏洞一步步getshell,这里包含了php与mysql交互时候的特性(也算一个漏洞),还有phpyun自身图片的验证机制问题,等等,步骤比较艰辛,本来想在这里搞一个csrf呢,找了半天没有找到,到时找到一大堆xss,这里就不利用xss了,且看分析 详细说明: 首先我们做一个小测试: 对于mysql存储来说,建站者都会给每一个字段设置长度,然后当我们插入进去的数据长度超过了设置的长度,那么mysql是不会报错,然而会自然截断存储,这个就给我们编写程序的人留下了隐患。 利用场景分析...

7.1AI score
Exploits0
Rows per page
Query Builder