Total
3416 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12956 | 1 1000projects | 1 Portfolio Management System Mca | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /add_achievement_details.php. The manipulation of the argument ach_certy leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12954 | 1 1000projects | 1 Portfolio Management System Mca | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_ach.php. The manipulation of the argument ach_certy leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12953 | 1 1000projects | 1 Portfolio Management System Mca | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected by this issue is some unknown functionality of the file /update_pd_process.php. The manipulation of the argument profile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12951 | 1 1000projects | 1 Portfolio Management System Mca | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /add_personal_details.php. The manipulation of the argument profile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-20588 | 1 Ibarn Project | 1 Ibarn | 2025-04-21 | N/A | 8.8 HIGH |
| File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php. | |||||
| CVE-2024-56828 | 1 1000mz | 1 Chestnutcms | 2025-04-21 | N/A | 9.8 CRITICAL |
| File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the base64-encoded image is parsed. For example, given a string like: data:image/html;base64,PGh0bWw+PGltZyBzcmM9eCBvbmVycm9yPWFsZXJ0KDEpPjwvaHRtbD4= the content after the comma is extracted and decoded using Base64.getDecoder().decode(). The substring from the 11th character up to the first occurrence of a semicolon (;) is assigned to the suffix variable (representing the file extension). The decoded content is then written to a file. However, the file extension is not validated, and since this functionality is exposed to the frontend, it poses significant security risks. | |||||
| CVE-2022-45338 | 1 Exactsoftware | 1 Exact Synergy | 2025-04-21 | N/A | 7.8 HIGH |
| An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file. | |||||
| CVE-2024-42523 | 1 Publiccms | 1 Publiccms | 2025-04-21 | N/A | 7.2 HIGH |
| publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin/cmsTemplate/saveMetaData | |||||
| CVE-2021-4455 | 2025-04-21 | N/A | 9.8 CRITICAL | ||
| The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2025-1093 | 2025-04-21 | N/A | 9.8 CRITICAL | ||
| The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2025-3807 | 2025-04-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability, which was classified as critical, was found in zhenfeng13 My-BBS 1.0. This affects the function Upload of the file src/main/java/com/my/bbs/controller/common/UploadController.java of the component Endpoint. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-5520 | 1 Metalgenix | 1 Genixcms | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the `.php6`, `.php7` and `.phtml` extensions. | |||||
| CVE-2017-11756 | 1 Earcms | 1 Ear Music | 2025-04-20 | 6.0 MEDIUM | 7.0 HIGH |
| In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to upload the code. | |||||
| CVE-2017-13156 | 1 Google | 1 Android | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. | |||||
| CVE-2017-7695 | 1 Bigtreecms | 1 Bigtree Cms | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code. | |||||
| CVE-2017-15876 | 1 Sistemagpweb | 1 Gpweb | 2025-04-20 | 9.0 HIGH | 7.2 HIGH |
| Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell. | |||||
| CVE-2017-9840 | 1 Dolibarr | 1 Dolibarr | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application. | |||||
| CVE-2015-8249 | 1 Manageengine | 1 Desktop Central | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter. | |||||
| CVE-2017-4990 | 1 Emc | 1 Avamar Server | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system. | |||||
| CVE-2017-16524 | 2 Hanwhasecurity, Samsung | 2 Web Viewer, Srn-1670d | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI. | |||||