Total: 4066 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2018-3832 | Insteon | Hub 2245-222, Hub 2245-222 Firmware | 2026-06-17 | 8.5 HIGH | 9.0 CRITICAL | An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger this vulnerability, an attacker can upload an MPFS binary via the '/mpfsupload' HTTP form and later on upload the firmware via a POST request to 'firmware.htm'. |
| CVE-2018-3814 | Craftcms | Craft Cms | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH | Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension. |
| CVE-2018-3758 | Express-cart Project | Express-cart | 2026-06-17 | 9.0 HIGH | 8.8 HIGH | Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine. |
| CVE-2018-2420 | Sap | Internet Graphics Server | 2026-06-17 | 7.5 HIGH | 6.5 MEDIUM | SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation. |
| CVE-2018-2404 | Sap | Disclosure Management | 2026-06-17 | 7.5 HIGH | 4.3 MEDIUM | SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation. |
| CVE-2018-25436 | | | 2026-06-17 | N/A | 9.8 CRITICAL | WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file extensions to the upload handler, which moves files without validation to the plugin upload directory, enabling remote code execution. |
| CVE-2018-25409 | | | 2026-06-17 | N/A | 8.8 HIGH | SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload PHP files via the aksi_pengurus.php endpoint with module=pengurus and act=update parameters, which are stored in the foto directory and executed as web scripts. |
| CVE-2018-25388 | | | 2026-06-17 | N/A | 8.8 HIGH | HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through multiple endpoints including aksi_foto.php, aksi_user.php, and aksi_kecamatan.php to execute arbitrary code on the server. |
| CVE-2018-25258 | | | 2026-06-17 | N/A | 8.4 HIGH | RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based buffer overflow, execute a ROP chain for VirtualAlloc allocation, and achieve arbitrary code execution. |
| CVE-2018-25171 | | | 2026-06-17 | N/A | 8.2 HIGH | EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/edit_source endpoint with crafted SQL UNION statements to extract database information including schema names, user credentials, and version details. |
| CVE-2018-25168 | | | 2026-06-17 | N/A | 4.3 MEDIUM | Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameters to add new admin accounts without requiring CSRF tokens or user interaction. |
| CVE-2018-25162 | | | 2026-06-17 | N/A | 6.5 MEDIUM | 2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are stored in the files directory and executed by the web server for remote code execution. |
| CVE-2018-25158 | | | 2026-06-17 | N/A | 8.8 HIGH | Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files. |
| CVE-2018-25114 | | | 2026-06-17 | N/A | N/A | A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can invoke install_4.php, submit crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected payload is executed, resulting in full server-side compromise. |
| CVE-2018-25019 | Learndash | Learndash | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH | The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server. |
| CVE-2018-21244 | Foxitsoftware | Phantompdf | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL | An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029. |
| CVE-2018-21243 | Foxitsoftware | Phantompdf | 2026-06-17 | 4.3 MEDIUM | 6.5 MEDIUM | An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used. |
| CVE-2018-21024 | Centreon | Centreon | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL | licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request. |
| CVE-2018-20926 | Cpanel | Cpanel | 2026-06-17 | 7.2 HIGH | 6.7 MEDIUM | cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). |
| CVE-2018-20925 | Cpanel | Cpanel | 2026-06-17 | 4.6 MEDIUM | 6.7 MEDIUM | cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). |
