Total
4073 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19562 | 1 Phpok | 1 Phpok | 2026-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive. | |||||
| CVE-2018-19550 | 1 Interspire | 1 Email Marketer | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI. | |||||
| CVE-2018-19537 | 1 Tp-link | 2 Archer C5, Archer C5 Firmware | 2026-06-17 | 9.0 HIGH | 7.2 HIGH |
| TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases. | |||||
| CVE-2018-19514 | 1 Ens | 1 Webgalamb | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval() expression in the subscriber.php file. | |||||
| CVE-2018-19457 | 1 Logicspice | 1 Faq Script | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file. | |||||
| CVE-2018-19453 | 1 Kentico | 1 Xperience | 2026-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | |||||
| CVE-2018-19424 | 1 Clippercms | 1 Clippercms | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files. | |||||
| CVE-2018-19423 | 1 Codiad | 1 Codiad | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an executable file. | |||||
| CVE-2018-19422 | 1 Intelliants | 1 Subrion Cms | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| /panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these. | |||||
| CVE-2018-19421 | 1 Get-simple | 1 Getsimple Cms | 2026-06-17 | 4.0 MEDIUM | 3.8 LOW |
| In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php. | |||||
| CVE-2018-19420 | 1 Get-simple | 1 Getsimple Cms | 2026-06-17 | 4.0 MEDIUM | 3.8 LOW |
| In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename), because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php. | |||||
| CVE-2018-19355 | 2 Mypresta, Prestashop | 2 Customer Files Upload, Prestashop | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). | |||||
| CVE-2018-19126 | 1 Prestashop | 1 Prestashop | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload. | |||||
| CVE-2018-18942 | 1 Basercms | 1 Basercms | 2026-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter. | |||||
| CVE-2018-18934 | 1 Popojicms | 1 Popojicms | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PopojiCMS v2.0.1. admin_component.php is exploitable via the po-admin/route.php?mod=component&act=addnew URI by using the fupload parameter to upload a ZIP file containing arbitrary PHP code (that is extracted and can be executed). This can also be exploited via CSRF. | |||||
| CVE-2018-18930 | 1 Trms | 1 Carousel Digital Signage | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. An authenticated attacker can upload a crafted ZIP file (based on an exported backup of existing "Bulletins") containing a malicious file. When uploaded, the system only checks for the presence of the needed files within the ZIP and, as long as the malicious file is named properly, will extract all contained files to a new directory on the system, named with a random GUID. The attacker can determine this GUID by previewing an image from the uploaded Bulletin within the web UI. Once the GUID is determined, the attacker can navigate to the malicious file and execute it. In testing, an ASPX web shell was uploaded, allowing for remote-code execution in the context of a restricted IIS user. | |||||
| CVE-2018-18888 | 1 Laravelcms Project | 1 Laravelcms | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed. | |||||
| CVE-2018-18874 | 1 Nconsulting | 1 Nc-cms | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the index.php?action=file_manager_upload URI. | |||||
| CVE-2018-18830 | 1 Mingsoft | 1 Mcms | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting a cookie. First, start an upload of JSP code with a .png filename, and then intercept the data packet. In the name parameter, change the suffix to jsp. In the response, the server returns the storage path of the file, which can be accessed to execute arbitrary JSP code. | |||||
| CVE-2018-18793 | 1 School Event Management System Project | 1 School Event Management System | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos. | |||||