Total
2957 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20063 | 1 Gurock | 1 Testrail | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Gurock TestRail 5.6.0.3853. An "Unrestricted Upload of File" vulnerability exists in the image-upload form (available in the description editor), allowing remote authenticated users to execute arbitrary code by uploading an image file with an executable extension but a safe Content-Type value, and then accessing it via a direct request to the file in the file-upload directory (if it's accessible according to the server configuration). | |||||
| CVE-2018-1969 | 1 Ibm | 1 Security Identity Manager | 2024-11-21 | 6.5 MEDIUM | 9.0 CRITICAL |
| IBM Security Identity Manager 6.0.0 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 153750. | |||||
| CVE-2018-1552 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 9.3 HIGH | 5.5 MEDIUM |
| IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious file and tricking a victim to run it, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 142889. | |||||
| CVE-2018-1453 | 1 Ibm | 1 Security Identity Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055. | |||||
| CVE-2018-1342 | 1 Netiq | 1 Access Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts NetIQ Access Manager versions 4.3 and 4.4 as well as the Administrative console. | |||||
| CVE-2018-1265 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Diego | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. | |||||
| CVE-2018-1215 | 1 Dell | 4 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Vmax Virtual Appliance, Emc Vasa Virtual Appliance and 1 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability. | |||||
| CVE-2018-19798 | 1 Fleetco | 1 Fleet Maintenance Management | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any authenticated user can exploit this. | |||||
| CVE-2018-19789 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution. | |||||
| CVE-2018-19692 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type. | |||||
| CVE-2018-19612 | 1 Westermo | 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. | |||||
| CVE-2018-19562 | 1 Phpok | 1 Phpok | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive. | |||||
| CVE-2018-19550 | 1 Interspire | 1 Email Marketer | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI. | |||||
| CVE-2018-19537 | 1 Tp-link | 2 Archer C5, Archer C5 Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases. | |||||
| CVE-2018-19514 | 1 Ens | 1 Webgalamb | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval() expression in the subscriber.php file. | |||||
| CVE-2018-19457 | 1 Logicspice | 1 Faq Script | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file. | |||||
| CVE-2018-19453 | 1 Kentico | 1 Kentico Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | |||||
| CVE-2018-19424 | 1 Clippercms | 1 Clippercms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files. | |||||
| CVE-2018-19423 | 1 Codiad | 1 Codiad | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an executable file. | |||||
| CVE-2018-19422 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| /panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these. | |||||