Total
2975 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28428 | 1 Horizontcms Project | 1 Horizontcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was bypassed via uploading an arbitrary .htaccess and *.hello files in order to execute PHP code to gain RCE. | |||||
| CVE-2021-28379 | 2 Myvestacp, Vestacp | 2 Myvesta, Vesta Control Panel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| web/upload/UploadHandler.php in Vesta Control Panel (aka VestaCP) through 0.9.8-27 and myVesta through 0.9.8-26-39 allows uploads from a different origin. | |||||
| CVE-2021-28294 | 1 Online Ordering System Project | 1 Online Ordering System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE). | |||||
| CVE-2021-28173 | 1 Deltaflow Project | 1 Deltaflow | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login. | |||||
| CVE-2021-28023 | 1 Servicetonic | 1 Servicetonic | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths. | |||||
| CVE-2021-27984 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files. | |||||
| CVE-2021-27964 | 1 Sfcyazilim | 1 Sonlogger | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file. | |||||
| CVE-2021-27817 | 1 Shopxo | 1 Shopxo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix. | |||||
| CVE-2021-27771 | 1 Hcltech | 1 Sametime | 2024-11-21 | 6.5 MEDIUM | 8.2 HIGH |
| User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. | |||||
| CVE-2021-27618 | 1 Sap | 1 Netweaver Process Integration | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of service and impact the availability of the application. | |||||
| CVE-2021-27513 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside." | |||||
| CVE-2021-27489 | 1 Zoll | 1 Defibrillator Dashboard | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands. | |||||
| CVE-2021-27459 | 1 Emerson | 8 X-stream Enhanced Xefd, X-stream Enhanced Xefd Firmware, X-stream Enhanced Xegk and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code. | |||||
| CVE-2021-27428 | 1 Ge | 38 Multilin B30, Multilin B30 Firmware, Multilin B90 and 35 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without appropriate privileges. The weakness is assessed, and mitigation is implemented in firmware Version 8.10. | |||||
| CVE-2021-27274 | 1 Netgear | 1 Prosafe Network Management System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12124. | |||||
| CVE-2021-27198 | 1 Visualware | 1 Myconnection Server | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. | |||||
| CVE-2021-26918 | 1 Probot | 1 Bot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified other impact) because the uploader web service allows double extensions (such as .html.jpg) with the text/html content type. NOTE: there may not be cases in which an uploader web service is customer controlled; however, the nature of the issue has substantial interaction with customer controlled configuration. NOTE: the vendor states "This is just an uploader (like any other one) which uploads files to cloud storage and accepts various file types. There is no kind of vulnerability and it won't compromise either the client side or the server side. | |||||
| CVE-2021-26828 | 1 Openplcproject | 1 Scadabr | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm. | |||||
| CVE-2021-26809 | 1 Phpgurukul | 1 Car Rental Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | |||||
| CVE-2021-26794 | 1 Frogcms Project | 1 Frogcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. | |||||