Total
3006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-9157 | 1 Axis | 2 M1033-w, M1033-w Firmware | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality | |||||
| CVE-2018-9156 | 1 Axis | 2 P1354, P1354 Firmware | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality | |||||
| CVE-2018-9153 | 1 Zblogcn | 1 Z-blogphp | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directly by an administrator, or through CSRF. | |||||
| CVE-2018-9037 | 1 Monstra | 1 Monstra | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files. | |||||
| CVE-2018-8944 | 1 Phpok | 1 Phpok | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PHPOK 4.8.338 has an arbitrary file upload vulnerability. | |||||
| CVE-2018-8766 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add. | |||||
| CVE-2018-7836 | 1 Schneider-electric | 1 Iiot Monitor | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files. | |||||
| CVE-2018-7665 | 1 Clip-bucket | 1 Clipbucket | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php. | |||||
| CVE-2018-7567 | 1 Otrs | 1 Otrs | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server during package installation. NOTE: the vendor disputes this issue stating "the behaviour is as designed and needed for different packages to be installed", "there is a security warning if the package is not verified by OTRS Group", and "there is the possibility and responsibility of an admin to check packages before installation which is possible as they are not binary. | |||||
| CVE-2018-7562 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
| A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via front/fileupload.php. This feature is protected using different types of security features like the check on the file's extension. However, the application uploads and creates a file, though this file is not allowed, and then deletes the file in the uploadFiles method in inc/glpiuploaderhandler.class.php. | |||||
| CVE-2018-7505 | 1 Advantech | 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2018-7316 | 1 Christianwebministries | 1 Proclaim | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action. | |||||
| CVE-2018-7217 | 1 Tejari | 1 Bravo Solution | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an esop/evm/OPPreliminaryForms.do?formId=857 request. | |||||
| CVE-2018-6860 | 1 Schools Alert Management Script Project | 1 Schools Alert Management Script | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture. | |||||
| CVE-2018-6580 | 1 Janguo | 1 Jimtawl | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request. | |||||
| CVE-2018-6411 | 1 Machform | 1 Machform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection. | |||||
| CVE-2018-6152 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. | |||||
| CVE-2018-5997 | 1 Ravpower | 1 Filehub Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root. | |||||
| CVE-2018-5749 | 2 Minecraft Servers List Lite Project, Premium Minecraft Servers List Project | 2 Minecraft Servers List Lite, Premium Minecraft Servers List | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter. | |||||
| CVE-2018-5724 | 1 Barni | 2 Master Ip Camera01, Master Ip Camera01 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. | |||||