hdcms 5.7 /fileupload.php unrestricted upload
A vulnerability, which was classified as critical, was found in hdcms 5.7. This affects an unknown code block of the
ObjectPlanet Opinio up to 7.14 JSP File admin/file.do filePath/fileContent unrestricted upload
A vulnerability was found in ObjectPlanet Opinio up to 7.14. It has been declared as critical. This vulnerability affects some
IBM Security Verify Access Docker 10.0.0 File Type unrestricted upload
A vulnerability was found in IBM Security Verify Access Docker 10.0.0 (Virtualization Software). It has been classified as critical. This
ProfilePress Plugin up to 3.1.3 on WordPress Image Uploader ImageUploader.php unrestricted upload
A vulnerability classified as critical was found in ProfilePress Plugin up to 3.1.3 on WordPress (WordPress Plugin). This vulnerability affects
ProfilePress Plugin up to 3.1.3 on WordPress File Uploader FileUploader.php unrestricted upload
A vulnerability, which was classified as critical, has been found in ProfilePress Plugin up to 3.1.3 on WordPress (WordPress Plugin).
Textpattern 4.7.3 include/txp_file.php file_insert unrestricted upload
A vulnerability was found in Textpattern 4.7.3 and classified as critical. This issue affects the function file_insert of the file
SP Project & Document Manager Plugin up to 4.21 on WordPress File Extension unrestricted upload
A vulnerability classified as critical was found in SP Project & Document Manager Plugin up to 4.21 on WordPress (Project
OpenPLC ScadaBR JSP File view_edit.shtm unrestricted upload
A vulnerability, which was classified as critical, has been found in OpenPLC ScadaBR (SCADA Software) (unknown version). This issue affects
CVE-2024-48581 : SOURCECODESTER BEST COURIER MANAGEMENT SYSTEM 1.0 ADMIN_CLASS.PHP UNRESTRICTED UPLOAD
Description File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code
CVE-2024-47823 : LIVEWIRE UP TO 3.5.1 GETCLIENTORIGINALNAME UNRESTRICTED UPLOAD
Description Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire `<
CVE-2024-40125 : CLOSED-LOOP TECHNOLOGY CLESS SERVER 4.5.2 PHP UNRESTRICTED UPLOAD
Description An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to
CVE-2024-46373 : DEDECMS 5.7.115 UNRESTRICTED UPLOAD
Description Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. References https://github.com/gaorenyusi/gaorenyusi/blob/main/CVE-2024-46373.md For More Information
CVE-2024-27115 : SIMPLE ONLINE PLANNING SO PLANNING PRIOR 1.52.02 UNRESTRICTED UPLOAD
Description A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability,
CVE-2024-8694 : JFINALCMS UP TO 20240903 COM.CMS.CONTROLLER.ADMIN.TEMPLATECONTROLLER /ADMIN/TEMPLATE/UPDATE FILENAME PATH TRAVERSAL
Description A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update
CVE-2024-7384 : ACYBA ACYMAILING PLUGIN UP TO 9.7.2 ON WORDPRESS ACYM_EXTRACTARCHIVE UNRESTRICTED UPLOAD
Description The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to
CVE-2024-38530 : GUNET OPENECLASS UP TO 3.15 H5P MODULE UNRESTRICTED UPLOAD
Description The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload
CVE-2024-40645 : FOGPROJECT FOG PRIOR 1.5.10.41 BANNER IMAGE UNRESTRICTED UPLOAD
Description FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary
CVE-2024-28806 : ITALTEL I-MCS NFV 12.1.0-20211215 UNRESTRICTED UPLOAD
Description An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path.
CVE-2024-5980 : LIGHTNING-AI PYTORCH-LIGHTNING UP TO 2.2.4 API ENDPOINT /V1/RUNS UNRESTRICTED UPLOAD
Description A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz
CVE-2024-33006 : SAP NETWEAVER APPLICATION SERVER ABAP AND ABAP PLATFORM UNRESTRICTED UPLOAD
Description An unauthenticated attacker can upload a malicious file to the server which when accessed by a victim can allow
CVE-2023-48371 : ITPISON OMICARD EDM 6.0.1.5 SMS UNRESTRICTED UPLOAD
Description ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker
CVE-2023-4817 : ICP DAS ET-7060 Unrestricted Upload
Description This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising
CVE-2023-37289 : INFINITY DOCUMENT ON-LINE SUBMISSION AND APPROVAL SYSTEM 22547/22567 UNRESTRICTED UPLOAD
Description It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in
CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD
Description baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system