Total
3006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17442 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code. | |||||
| CVE-2018-17440 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request. | |||||
| CVE-2018-17418 | 1 Monstra | 1 Monstra | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable. | |||||
| CVE-2018-17139 | 1 Ultimatefosters | 1 Ultimatepos | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type. | |||||
| CVE-2018-17058 | 1 Jaba | 1 Jaba Xpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in JABA XPress Online Shop through 2018-09-14. It contains an arbitrary file upload vulnerability in the picture-upload feature of ProductEdit.aspx. An authenticated attacker may bypass the frontend filename validation and upload an arbitrary file via FileUploader.aspx.cs in FileUploader.aspx by using empty w and h parameters. This file may contain arbitrary aspx code that may be executed by accessing /Jec/ProductImages/<number>/<filename>. Accessing the file once uploaded does not require authentication. | |||||
| CVE-2018-17055 | 1 Progress | 1 Sitefinity | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads. | |||||
| CVE-2018-16974 | 1 Elefantcms | 1 Elefant | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in apps/filemanager/upload/drop.php by using /filemanager/api/rm/.htaccess to remove the .htaccess file, and then using a filename that ends in .php followed by space characters (for bypassing the blacklist). | |||||
| CVE-2018-16821 | 1 Seacms | 1 Seacms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests. | |||||
| CVE-2018-16796 | 1 Hiscout | 1 Grc Suite | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types. | |||||
| CVE-2018-16731 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data. | |||||
| CVE-2018-16397 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file, | |||||
| CVE-2018-16388 | 1 E107 | 1 E107 | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type. | |||||
| CVE-2018-16373 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. | |||||
| CVE-2018-16370 | 1 Pescms | 1 Pescms Team | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | |||||
| CVE-2018-16352 | 1 Weaselcms Project | 1 Weaselcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used. | |||||
| CVE-2018-16287 | 1 Lg | 1 Supersign Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | |||||
| CVE-2018-16169 | 1 Cybozu | 1 Remote Service Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors. | |||||
| CVE-2018-16097 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. | |||||
| CVE-2018-16093 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. | |||||
| CVE-2018-15882 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. | |||||