Export limit exceeded: 335653 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3956 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0194 | 1 Codeastro | 1 Internet Banking System | 2025-06-03 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0. This issue affects some unknown processing of the file pages_account.php of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249509 was assigned to this vulnerability. | ||||
| CVE-2023-7212 | 1 Dedecms | 1 Dedecms | 2025-06-03 | 4.7 Medium |
| A vulnerability classified as critical has been found in DeDeCMS up to 5.7.112. Affected is an unknown function of the file file_class.php of the component Backend. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249768. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-0352 | 1 Likeshop | 1 Likeshop | 2025-06-03 | 7.3 High |
| A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120. | ||||
| CVE-2023-6558 | 1 Webtoffee | 1 Import Export Wordpress Users | 2025-06-03 | 7.2 High |
| The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_import_file' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attackers with shop manager-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2023-6220 | 1 Piotnet | 1 Piotnet Forms | 2025-06-03 | 8.1 High |
| The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'piotnetforms_ajax_form_builder' function in versions up to, and including, 1.0.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2024-0505 | 1 Zhongfucheng3y | 1 Austin | 2025-06-03 | 5.5 Medium |
| A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250619. | ||||
| CVE-2024-41339 | 1 Draytek | 40 Vigor165, Vigor165 Firmware, Vigor166 and 37 more | 2025-06-03 | 8.8 High |
| An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution. | ||||
| CVE-2024-41340 | 1 Draytek | 40 Vigor165, Vigor165 Firmware, Vigor166 and 37 more | 2025-06-03 | 8.4 High |
| An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution. | ||||
| CVE-2023-5966 | 1 Espocrm | 1 Espocrm | 2025-06-03 | 9.1 Critical |
| An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution. | ||||
| CVE-2024-7074 | 2025-06-02 | 6.8 Medium | ||
| An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server. By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users. | ||||
| CVE-2024-20272 | 1 Cisco | 1 Unity Connection | 2025-06-02 | 7.3 High |
| A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by uploading arbitrary files to an affected system. A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root. | ||||
| CVE-2023-27168 | 1 Xpand-it | 1 Write-back Manager | 2025-06-02 | 9.8 Critical |
| An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file. | ||||
| CVE-2024-0643 | 1 Cires21 | 1 Live Encoder | 2025-06-02 | 10 Critical |
| Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to upload different file extensions without any restrictions, resulting in a full system compromise. | ||||
| CVE-2023-40051 | 1 Progress | 2 Openedge, Openedge Innovation | 2025-06-02 | 9.1 Critical |
| This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. If the upload contains a payload that can further exploit the server or its network, the launch of a larger scale attack may be possible. | ||||
| CVE-2024-1027 | 1 Oretnom23 | 1 Facebook News Feed Like | 2025-05-30 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-252300. | ||||
| CVE-2024-6366 | 1 Cozmoslabs | 1 Profile Builder | 2025-05-30 | 9.1 Critical |
| The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. | ||||
| CVE-2023-26098 | 1 Telindus | 1 Apsal | 2025-05-30 | 8.2 High |
| An issue was discovered in the Open Document feature in Telindus Apsal 3.14.2022.235 b. An attacker may upload a crafted file to execute arbitrary code. | ||||
| CVE-2019-6513 | 1 Wso2 | 1 Api Manager | 2025-05-30 | N/A |
| An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one. | ||||
| CVE-2024-0783 | 1 Online Admission System Project | 1 Online Admission System | 2025-05-30 | 6.3 Medium |
| A vulnerability was found in Project Worlds Online Admission System 1.0 and classified as critical. This issue affects some unknown processing of the file documents.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251699. | ||||
| CVE-2024-23644 | 1 Trillium | 2 Trillium, Trillium-http | 2025-05-30 | 6.8 Medium |
| Trillium is a composable toolkit for building internet applications with async rust. In `trillium-http` prior to 0.3.12 and `trillium-client` prior to 0.5.4, insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over headers. This only affects use cases where attackers have control of request headers, and can insert "\r\n" sequences. Specifically, if untrusted and unvalidated input is inserted into header names or values. Outbound `trillium_http::HeaderValue` and `trillium_http::HeaderName` can be constructed infallibly and were not checked for illegal bytes when sending requests from the client or responses from the server. Thus, if an attacker has sufficient control over header values (or names) in a request or response that they could inject `\r\n` sequences, they could get the client and server out of sync, and then pivot to gain control over other parts of requests or responses. (i.e. exfiltrating data from other requests, SSRF, etc.) In `trillium-http` versions 0.3.12 and later, if a header name is invalid in server response headers, the specific header and any associated values are omitted from network transmission. Additionally, if a header value is invalid in server response headers, the individual header value is omitted from network transmission. Other headers values with the same header name will still be sent. In `trillium-client` versions 0.5.4 and later, if any header name or header value is invalid in the client request headers, awaiting the client Conn returns an `Error::MalformedHeader` prior to any network access. As a workaround, Trillium services and client applications should sanitize or validate untrusted input that is included in header values and header names. Carriage return, newline, and null characters are not allowed. | ||||