208 matches found
GHSA-JPGW-2R9M-8QFW Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox
Impact Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced changes which were meant to serve all uploaded files as plain text in order to prevent browsers from executing potentially dangerous files when such files are accessed...
CVE-2023-33404
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code...
CVE-2023-33977
Kiwi TCMS is affected by CVE-2023-33977 (stored XSS via unrestricted file upload) in versions prior to 12.4. The root cause is incomplete upload validation that can permit uploading potentially dangerous files, enabling arbitrary JavaScript execution in the browser. An additional issue involves N...
PHPOK Arbitrary File Upload Vulnerability (CNVD-2023-43865)
PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to...
CVE-2023-32686
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded...
Input validation
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded...
GHSA-X7C2-7WVG-JPX7 kiwitcms vulnerable to stored XSS via unrestricted files upload
Impact Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded, see GHSA-fwcf-753v-fgcj and Content-Security-Policy definition to prevent...
PT-2023-23961
Name of the Vulnerable Software and Affected Versions Kiwi TCMS versions prior to 12.3 Description The issue arises from insufficient upload validation checks in Kiwi TCMS, allowing an attacker to upload potentially dangerous files. These files can be combined to circumvent the existing...
PT-2023-23492 · Unknown · Sourcecodester Online Computer/Laptop Store
Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Computer and Laptop Store version 1.0 Description: The issue allows unrestricted file upload, which can lead to remote code execution. The vulnerability path is "/classes/Users.php?f=save". Recommendations: For version...
CVE-2022-4774
The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution...
CVE-2023-31047
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField only the last uploaded file was validated. However,...
CVE-2023-0924
The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user such as an Administrator to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install...
Apache StreamPark 代码问题漏洞
Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from a code issue vulnerability that stems from allowing any user to upload a jar as an application, but not forcing validation of the uploaded file type, leading to the...
CVE-2023-30613
Kiwi TCMS, an open source test management system, allows users to upload attachments to test plans, test cases, etc. In versions of Kiwi TCMS prior to 12.2, there is no control over what kinds of files can be uploaded. Thus, a malicious actor may upload an .exe file or a file containing embedded...
PT-2023-22810
Name of the Vulnerable Software and Affected Versions Kiwi TCMS versions prior to 12.2 Description The issue allows users to upload attachments to test plans, test cases, etc., without control over the types of files that can be uploaded. A malicious actor may upload an .exe file or a file...
SAP Business Planning and Consolidation 代码问题漏洞
SAP Business Planning and Consolidation is a business planning and consolidation software from SAP, Germany. The software provides budgeting, forecasting, and financial consolidation capabilities. A code issue vulnerability exists in SAP Business Planning and Consolidation version 200, version 30...
CVE-2023-23937 Missing file upload type validation in pimcore/pimcore
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...
Design/Logic Flaw
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from...
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from...
CVE-2022-0553 Possible to retrieve uncrypted firmware image
There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily...