Total
2971 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-13855 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature. | |||||
| CVE-2020-13852 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. | |||||
| CVE-2020-13774 | 1 Ivanti | 1 Endpoint Manager | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
| An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server. | |||||
| CVE-2020-13675 | 1 Drupal | 1 Drupal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site. | |||||
| CVE-2020-13443 | 1 Expressionengine | 1 Expressionengine | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must to be able to send and compose messages (at least). | |||||
| CVE-2020-13442 | 1 Dext5 | 1 Dext5 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. | |||||
| CVE-2020-13384 | 1 Monstra | 1 Monstra | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. | |||||
| CVE-2020-13260 | 1 Rad | 2 Secflow-1v, Secflow-1v Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259. | |||||
| CVE-2020-13241 | 1 Microweber | 1 Microweber | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file. | |||||
| CVE-2020-13128 | 1 Gwtupload Project | 1 Gwtupload | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. | |||||
| CVE-2020-13126 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected. | |||||
| CVE-2020-12854 | 1 Seczetta | 1 Neprofile | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar. | |||||
| CVE-2020-12846 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | 6.0 MEDIUM | 8.0 HIGH |
| Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox as an avatar image for a contact. A user will receive a "Corrupt File" error, but the file is still uploaded and stored locally in /opt/zimbra/data/tmp/upload/, leaving it open to possible remote execution. | |||||
| CVE-2020-12843 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. | |||||
| CVE-2020-12837 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. | |||||
| CVE-2020-12828 | 1 Pango | 1 Virtual Private Network Software Development Kit | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges. | |||||
| CVE-2020-12800 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file. | |||||
| CVE-2020-12715 | 1 Rainbowfishsoftware | 1 Pacsone Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | |||||
| CVE-2020-12675 | 1 Mappresspro | 1 Mappress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. | |||||
| CVE-2020-12255 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. | |||||