
299 matches found

RedhatCVE
added 2025/05/23 6:48 a.m., 6 views

CVE-2024-40744

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

CVSS 9.8 | AI score 7.2 | EPSS 0.00487
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 5:3 a.m., 5 views

CVE-2023-36486

The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename...

CVSS 7.2 | AI score 6.9 | EPSS 0.00855
Exploits: 0
RedhatCVE
added 2025/05/23 4:8 a.m., 13 views

CVE-2023-38702

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to ...

CVSS 9.9 | AI score 7.3 | EPSS 0.01062
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/23 2:42 a.m., 11 views

CVE-2023-5241

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcldopenaiuploadpagetrainingfile function. This allows subscriber-level attackers to append "...

CVSS 9.6 | AI score 7.2 | EPSS 0.02066
Exploits: 2 | References: 1
RedhatCVE
added 2025/05/23 1:49 a.m., 11 views

CVE-2023-2928

A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file uploads/dede/articleallowurledit.php. The manipulation of the argument allurls leads to code injection. The attack can be launched remotely...

CVSS 8.8 | AI score 7.6 | EPSS 0.51351
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 12:39 a.m., 7 views

CVE-2022-40797

Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDENUPLOADS value in conf.json only blocks .php, .php4, and .php5 files. Visiting any .phar file invokes the PHP interpreter in some realistic web-server configurations...

CVSS 9.8 | AI score 7.6 | EPSS 0.02555
Exploits: 3 | References: 1
RedhatCVE
added 2025/05/22 11:9 p.m., 6 views

CVE-2022-37159

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload...

CVSS 9.8 | AI score 7.7 | EPSS 0.24903
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 10:53 p.m., 4 views

CVE-2022-3126

The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf...

CVSS 4.3 | AI score 6.8 | EPSS 0.00267
Exploits: 2 | References: 1
RedhatCVE
added 2025/05/22 9:6 p.m., 6 views

CVE-2021-42051

An issue was discovered in AbanteCart before 1.3.2. Any low-privileged user with file-upload permissions can upload a malicious SVG document that contains an XSS payload...

CVSS 5.4 | AI score 6 | EPSS 0.00776
Exploits: 2
RedhatCVE
added 2025/05/22 7:45 p.m., 6 views

CVE-2021-32630

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload permissions could...

CVSS 9.6 | AI score 6.7 | EPSS 0.01562
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 6:55 p.m., 15 views

CVE-2021-46036

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...

CVSS 9.8 | AI score 7.6 | EPSS 0.03507
Exploits: 1
RedhatCVE
added 2025/05/22 6:16 p.m., 5 views

CVE-2021-20111

A stored cross-site scripting vulnerability exists in TCExam = 14.8.1. Valid files uploaded via tcefilemanager.php with a filename beginning with a period will be rendered as text/html. An attacker with access to tcefilemanager.php could upload a malicious javascript payload which would be...

CVSS 5.4 | AI score 6 | EPSS 0.00609
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 5:11 p.m., 4 views

CVE-2020-35656

Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components=InstallGadget∁=FileBrowser and admin.php?reqGadget=FileBrowser=Files to upload a .php file. NOTE: this is unrelated to the JAWS aka Job Access With Speech...

CVSS 7.2 | AI score 7.7 | EPSS 0.02403
Exploits: 1
RedhatCVE
added 2025/05/22 5:4 p.m., 3 views

CVE-2020-28173

Simple College Website 1.0 allows a user to conduct remote code execution via /alumni/admin/ajax.php?action=savesettings when uploading a malicious file using the image upload functionality, which is stored in /alumni/admin/assets/uploads/...

CVSS 7.2 | AI score 7.7 | EPSS 0.03183
Exploits: 1
RedhatCVE
added 2025/05/22 4:37 p.m., 7 views

CVE-2020-29592

An issue was discovered in Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor's file upload allows an attacker to upload dangerous executables that bypass the file types allowed regardless of the file types allowed list in Media settings...

CVSS 9.8 | AI score 6.7 | EPSS 0.0218
Exploits: 2
RedhatCVE
added 2025/05/22 3:19 p.m., 6 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload...

CVSS 8.8 | AI score 7.8 | EPSS 0.00589
Exploits: 1
RedhatCVE
added 2025/05/22 9:6 a.m., 5 views

CVE-2015-1371

Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in custom/uploads/...

CVSS 7.5 | AI score 8 | EPSS 0.08058
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 8:55 a.m., 6 views

CVE-2019-8908

An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting - Mailbox configuration - Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header...

CVSS 9.8 | AI score 8 | EPSS 0.02283
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 8:22 a.m., 5 views

CVE-2019-9612

An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/comn/service/upload URI...

CVSS 8.8 | AI score 7.9 | EPSS 0.02745
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 7:56 a.m., 8 views

CVE-2018-16397

In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,...

CVSS 4.9 | AI score 6.8 | EPSS 0.0104
Exploits: 0 | References: 1