102 matches found

Positive Technologies
added 2024/10/20 12:00 a.m.

PT-2024-33169 · Sage · Sage 1000

Name of the Vulnerable Software and Affected Versions: Sage 1000 version 7.0.0 Description: An Unrestricted File Upload vulnerability exists, allowing authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTM...

CVSS 8.1 · AI score 6.2 · EPSS 0.00105
Exploits: 2 · References: 6

CVE
added 2024/07/29 6:00 a.m.

CVE-2024-6366

The CVE concerns the WordPress plugin User Profile Builder (cozmoslabs) prior to version 3.11.8, where improper authorization allows unauthenticated users to upload media files via the async upload feature. Affected: User Profile Builder

CVSS 9.1 · AI score 6.6 · EPSS 0.91317
Exploits: 2 · References: 1 · Affected Software: 1

NVD
added 2024/06/14 4:15 a.m.

CVE-2024-31161

The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to the website directory, allowing arbitrary system...

CVSS 7.2 · EPSS 0.01051
Exploits: 0 · References: 2

NVD
added 2024/05/16 9:15 a.m.

CVE-2024-3403

imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...

CVSS 7.5 · AI score 7.7 · EPSS 0.02345
Exploits: 1 · References: 1

Vulnrichment
added 2024/04/10 12:00 a.m.

CVE-2024-23734

Cross Site Request Forgery vulnerability in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allows attackers to replace S/MIME certificates or PGP keys for arbitrary users via a crafted link...

AI score 7.3 · EPSS 0.00169
Exploits: 0 · References: 2

Github Security Blog
added 2024/03/08 3:30 p.m.

Django MarkdownX Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements...

CVSS 6.1 · AI score 5.9 · EPSS 0.00105
Exploits: 0 · References: 3 · Affected Software: 1

NVD
added 2024/03/08 2:15 p.m.

CVE-2024-2319

Cross-Site Scripting XSS vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements...

CVSS 6.1 · AI score 5.2 · EPSS 0.00105
Exploits: 0 · References: 1

Vulnrichment
added 2024/03/08 1:08 p.m.

CVE-2024-2319 Cross-Site Scripting vulnerability in Django MarkdownX

Cross-Site Scripting XSS vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements...

CVSS 5.4 · AI score 5.7 · EPSS 0.00105
Exploits: 0 · References: 1

Prion
added 2024/03/07 9:15 p.m.

Input validation

The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...

CVSS 6.5 · AI score 8.2 · EPSS 0.1051
Exploits: 0 · References: 7

UbuntuCve
added 2024/01/29 10:15 a.m.

CVE-2024-23790

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1...

CVSS 9.8 · AI score 7.2 · EPSS 0.0019
Exploits: 0 · References: 2

CVE
added 2024/01/29 9:21 a.m.

CVE-2024-23790

CVE-2024-23790 describes an Improper Input Validation vulnerability in OTRS avatar upload, caused by missing filetype checks. Affected product versions are: OTRS 7.0.X up to 7.0.48, OTRS 8.0.X up to 8.0.37, and OTRS released in 2023 up to 2023.1.1. Public details in the connected PT-Security advi...

CVSS 9.8 · AI score 9.4 · EPSS 0.0019
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2023/11/28 8:15 a.m.

Cross site scripting

Unrestricted file upload in the big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of a web shell...

CVSS 5.8 · AI score 7.5 · EPSS 0.92488
Exploits: 27 · References: 3 · Affected Software: 1

Vulnrichment
added 2023/10/11 3:16 p.m.

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

CVSS 3.4 · AI score 5.3 · EPSS 0.00131
Exploits: 1 · References: 1

NVD
added 2023/10/03 4:15 p.m.

CVE-2023-4817

This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device...

CVSS 8.8 · AI score 7.3 · EPSS 0.00022
Exploits: 0 · References: 1

Tenable Nessus
added 2023/06/29 12:00 a.m.

Atlassian Jira < 8.20.20 / 9.4.x < 9.4.4 / 9.5.0 (JRASERVER-75331)

The version of Atlassian Jira Server running on the remote host is affected by an arbitrary file upload vulnerability as referenced in the JRASERVER-75331 advisory. Affected versions of Atlassian Jira Server/DC allow an unauthenticated, remote attacker to upload arbitrary files to Jira via file...

AI score 5.8
Exploits: 0 · References: 1

Atlassian
added 2023/04/12 9:24 a.m.

Malicious file upload in Jira Server via anonymous sources

Affected versions of Atlassian Jira Server/DC allow an unauthenticated attacker to upload arbitrary files to Jira via the file upload functionality in the fileupload url. However, an attacker cannot control the filename or its location, which prevents the possibility of RCE. Files with name start...

AI score 7.2
Exploits: 0

Prion
added 2023/04/05 7:15 p.m.

Design/Logic Flaw

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...

CVSS 5.8 · AI score 7.3 · EPSS 0.01788
Exploits: 0 · References: 1

Cvelist
added 2023/04/05 12:00 a.m.

CVE-2023-0670

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...

AI score 7.6 · EPSS 0.01788
Exploits: 0 · References: 1

F5 Networks
added 2023/02/21 7:58 p.m.

K06440657: BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2021-23001

Security Advisory Description: The upload functionality in BIG-IP Advanced WAF and ASM allows an authenticated user to upload files to the BIG-IP system using a call to an undisclosed iControl REST endpoint (CVE-2021-23001). Impact: An authenticated malicious user can upload malicious files to use in...

CVSS 4.3 · AI score 5.3 · EPSS 0.00246
Exploits: 0 · Affected Software: 3

NVD
added 2023/02/03 8:15 p.m.

CVE-2023-23937

Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...

CVSS 8.2 · AI score 8.1 · EPSS 0.00012
Exploits: 0 · References: 2