Total
2957 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16097 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. | |||||
| CVE-2018-16093 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. | |||||
| CVE-2018-15882 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. | |||||
| CVE-2018-15537 | 1 Ocsinventory-ng | 1 Ocsinventory Ng | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests. | |||||
| CVE-2018-15424 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 6.5 MEDIUM | 4.7 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server. | |||||
| CVE-2018-15333 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps. | |||||
| CVE-2018-15139 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory. | |||||
| CVE-2018-15137 | 1 Cela Link | 2 Clr-m20, Clr-m20 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method. | |||||
| CVE-2018-14911 | 1 Ukcms | 1 Ukcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A file upload vulnerability exists in ukcms v1.1.7 and earlier. The vulnerability is due to the system not strictly filtering the file upload type. An attacker can exploit the vulnerability to upload a script Trojan to admin.php/admin/configset/index/group/upload.html to gain server control by composing a request for a .txt upload and then changing it to a .php upload. The attacker must have admin access to change the upload_file_ext (aka "Allow upload file suffix") setting, and must use "php,php" in this setting to bypass the "php" restriction. | |||||
| CVE-2018-14857 | 1 Ocsinventory-ng | 1 Ocs Inventory Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted. | |||||
| CVE-2018-14570 | 1 Niushop | 1 B2b2c Multi-business | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content. This results in arbitrary code execution by requesting that .php file. | |||||
| CVE-2018-14441 | 1 Ssh Companywebsite Project | 1 Ssh Companywebsite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type. | |||||
| CVE-2018-14334 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file upload because detection of a prohibited file extension simply sets the $errm value, and does not otherwise alter the flow of control. Consequently, one can upload and execute a .php file, a similar issue to CVE-2018-8766. | |||||
| CVE-2018-14028 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins. | |||||
| CVE-2018-13981 | 1 Zeta-producer | 1 Zeta Producer Desktop Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related to /assets/php/formmailer/SendEmail.php and /assets/php/formmailer/functions.php. | |||||
| CVE-2018-13038 | 1 Opendesa | 1 Opensid | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type. | |||||
| CVE-2018-13024 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. | |||||
| CVE-2018-13021 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI. | |||||
| CVE-2018-12980 | 1 Wago | 8 762-3000, 762-3000 Firmware, 762-3001 and 5 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server. | |||||
| CVE-2018-12940 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to upload a malicious file containing PHP code to execute operating system commands to the web root of the application. | |||||