CVE-2022-27249

An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...

CVE-2020-13774

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations ...

CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

A way to upload aspxshell for the first-class surveillance system-vulnerability warning-the black bar safety net

Publisher:bincker Time:2010-1-24 The best monitoring system of all know what is going on, the main is to upload the data is filtered out, such as varchar, etc. characters. Yesterday the priest said that there is a monitoring system, can not upload the aspx,I tried the following asp the horse is t...