Total
2975 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36623 | 1 Phone Shop Sales Management System Project | 1 Phone Shop Sales Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE. | |||||
| CVE-2021-36622 | 1 Online Covid Vaccination Scheduler System Project | 1 Online Covid Vaccination Scheduler System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell. | |||||
| CVE-2021-36582 | 1 Kooboo | 1 Kooboo Cms | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL. | |||||
| CVE-2021-36581 | 1 Kooboo | 1 Kooboo Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server. | |||||
| CVE-2021-36548 | 1 Monstra | 1 Monstra | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. | |||||
| CVE-2021-36547 | 1 Mara Cms Project | 1 Mara Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file. | |||||
| CVE-2021-36461 | 1 Microweber | 1 Microweber | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | |||||
| CVE-2021-36440 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'. | |||||
| CVE-2021-36356 | 1 Kramerav | 1 Viaware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124. | |||||
| CVE-2021-36121 | 1 Echobh | 1 Sharecare | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload vulnerability via the name1 parameter, when processing remote input from an authenticated user, leading to the ability for arbitrary files to be written to arbitrary filesystem locations via ../ Directory Traversal on the Z: drive (a hard-coded drive letter where ShareCare application files reside) and remote code execution as the ShareCare service user (NT AUTHORITY\SYSTEM). | |||||
| CVE-2021-36042 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution. | |||||
| CVE-2021-36040 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution. | |||||
| CVE-2021-35963 | 1 Learningdigital | 1 Orca Hcm | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The specific parameter of upload function of the Orca HCM digital learning platform does not filter file format, which allows remote unauthenticated attackers to upload files containing malicious script to execute RCE attacks. | |||||
| CVE-2021-35532 | 1 Hitachienergy | 2 Txpert Hub Coretec 4, Txpert Hub Coretec 4 Firmware | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious firmware to the product. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | |||||
| CVE-2021-35290 | 1 Balero Cms Project | 1 Balero Cms | 2024-11-21 | N/A | 7.2 HIGH |
| File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to run arbitrary code via rich text editor on /admin/main/mod-blog page. | |||||
| CVE-2021-35244 | 2 Microsoft, Solarwinds | 2 Windows, Orion Platform | 2024-11-21 | 8.5 HIGH | 6.8 MEDIUM |
| The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing a remote code execution. | |||||
| CVE-2021-34997 | 1 Commvault | 1 Commcell | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AppStudioUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13894. | |||||
| CVE-2021-34995 | 1 Commvault | 1 Commcell | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DownloadCenterUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13756. | |||||
| CVE-2021-34685 | 1 Hitachi | 1 Vantara Pentaho | 2024-11-21 | 6.5 MEDIUM | 2.7 LOW |
| UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. Specifically, a .jsp file is not allowed, but a .jsp. file is allowed (and leads to remote code execution). | |||||
| CVE-2021-34624 | 1 Properfraction | 1 Profilepress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the file uploader component found in the ~/src/Classes/FileUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates. This issue affects versions 3.0.0 - 3.1.3. . | |||||