Search Results (4283 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-41267 1 Sap 1 Business Objects Business Intelligence Platform 2025-04-22 9.9 Critical
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.
CVE-2020-20588 1 Ibarn Project 1 Ibarn 2025-04-21 8.8 High
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.
CVE-2024-56828 1 1000mz 1 Chestnutcms 2025-04-21 9.8 Critical
File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the base64-encoded image is parsed. For example, given a string like: data:image/html;base64,PGh0bWw+PGltZyBzcmM9eCBvbmVycm9yPWFsZXJ0KDEpPjwvaHRtbD4= the content after the comma is extracted and decoded using Base64.getDecoder().decode(). The substring from the 11th character up to the first occurrence of a semicolon (;) is assigned to the suffix variable (representing the file extension). The decoded content is then written to a file. However, the file extension is not validated, and since this functionality is exposed to the frontend, it poses significant security risks.
CVE-2022-45338 1 Exactsoftware 1 Exact Synergy 2025-04-21 7.8 High
An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.
CVE-2024-42523 1 Publiccms 1 Publiccms 2025-04-21 7.2 High
publiccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin/cmsTemplate/saveMetaData
CVE-2024-38428 2 Gnu, Redhat 6 Wget, Enterprise Linux, Rhel Aus and 3 more 2025-04-21 9.1 Critical
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
CVE-2017-9380 1 Open-emr 1 Openemr 2025-04-20 8.8 High
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
CVE-2017-1002016 1 Flickr Picture Backup Project 1 Flickr Picture Backup 2025-04-20 9.8 Critical
Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn't check to see if the user is authenticated or that they have permission to upload files.
CVE-2017-1002003 1 Wp2android-turn-wp-site-into-android-app Project 1 Wp2android-turn-wp-site-into-android-app 2025-04-20 N/A
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
CVE-2017-1002002 1 Webapp-builder Project 1 Webapp-builder 2025-04-20 N/A
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
CVE-2017-1002001 1 Mobile-app-builder-by-wappress Project 1 Mobile-app-builder-by-wappress 2025-04-20 N/A
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
CVE-2017-10940 1 Joyent 1 Triton Datacenter 2025-04-20 N/A
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853.
CVE-2017-1002000 1 Mobile-friendly-app-builder-by-easytouch Project 1 Mobile-friendly-app-builder-by-easytouch 2025-04-20 N/A
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
CVE-2017-11756 1 Earcms 1 Ear Music 2025-04-20 N/A
In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to upload the code.
CVE-2017-13156 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847.
CVE-2017-14251 1 Typo3 1 Typo3 2025-04-20 N/A
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code.
CVE-2017-14346 1 Blog Project 1 Blog 2025-04-20 N/A
upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
CVE-2017-14399 1 Blackcat-cms 1 Blackcat Cms 2025-04-20 N/A
In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.
CVE-2017-14958 1 Pivotx 1 Pivotx 2025-04-20 N/A
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
CVE-2016-6104 1 Ibm 1 Security Key Lifecycle Manager 2025-04-20 N/A
IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.