18 matches found
kodcloud KodExplorer 安全漏洞
KodCloud KodExplorer is a web file manager provided by the Chinese company KodCloud. Versions of KodCloud KodExplorer 4.52 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper authorization during the handling of the fileUpload parameter in...
CVE-2021-35483
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
CVE-2021-35485
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the...
CVE-2021-35483
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
CVE-2021-35483
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
CVE-2021-35485
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the...
CVE-2021-35483
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
CVE-2021-35485
CVE-2021-35485 impacts Nokia IMPACT’s Applications component for versions up to 19.11.2.10-20210118042150283. An authenticated user can arbitrarily upload server-side executable files through the /ui/rest-proxy/application fileupload parameter when adding a new application or editing an existing ...
Nokia IMPACT 安全漏洞
Nokia IMPACT is a set of IoT intelligent management platforms developed by Finnish company Nokia. Versions of Nokia IMPACT such as 19.11.2.10 and earlier contain security vulnerabilities. These vulnerabilities stem from the Applications component, which allows the upload of server-side executable...
CVE-2021-35485
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the...
PT-2026-22758
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
CVE-2021-35483
The Nokia IMPACT Applications component (versions up to 19.11.2.10-20210118042150283) allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter during adding or editing an application. If an authenticated user visits the page where...
CVE-2021-35483
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an...
kkFileView 代码问题漏洞
kkFileView is Kaijing Technology kekingcn open source Spring-Boot based on a generic file online preview project . kkFileView 4.4.0 version of the code problem vulnerability , the vulnerability stems from the file/fileUpload in the parameter File of the wrong operation leads to arbitrary file...
Novell ZENworks Asset Management Directory Traversal (CVE-2011-2653)
A Directory Traversal vulnerability has been reported in the Novell ZENworks Asset Management. The vulnerability is due to insufficient input validation when parsing the FileUpload parameter. A remote attacker can exploit this issue by sending a specially crafted packet to the target server...
CVE-2006-4558
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the modmime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php...
CVE-2006-4558
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the modmime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php...
CVE-2006-4558
DeluxeBB 1.06 and earlier running on Apache with mod_mime is vulnerable. The flaw in newpost.php’s newthread action allows remote attackers to upload files with double extensions via the fileupload parameter, enabling arbitrary PHP code execution. Affected: DeluxeBB 1.06 and earlier. Evidence fro...