Total
3327 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13443 | 1 Expressionengine | 1 Expressionengine | 2024-11-21 | 8.8 High |
| ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must to be able to send and compose messages (at least). | ||||
| CVE-2020-13442 | 1 Dext5 | 1 Dext5 | 2024-11-21 | 9.8 Critical |
| A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. | ||||
| CVE-2020-13384 | 1 Monstra | 1 Monstra | 2024-11-21 | 8.8 High |
| Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. | ||||
| CVE-2020-13260 | 1 Rad | 2 Secflow-1v, Secflow-1v Firmware | 2024-11-21 | 6.1 Medium |
| A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259. | ||||
| CVE-2020-13241 | 1 Microweber | 1 Microweber | 2024-11-21 | 7.8 High |
| Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file. | ||||
| CVE-2020-13128 | 1 Gwtupload Project | 1 Gwtupload | 2024-11-21 | 7.5 High |
| An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. | ||||
| CVE-2020-13126 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 9.9 Critical |
| An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected. | ||||
| CVE-2020-12854 | 1 Seczetta | 1 Neprofile | 2024-11-21 | 8.8 High |
| A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar. | ||||
| CVE-2020-12846 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | 8.0 High |
| Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox as an avatar image for a contact. A user will receive a "Corrupt File" error, but the file is still uploaded and stored locally in /opt/zimbra/data/tmp/upload/, leaving it open to possible remote execution. | ||||
| CVE-2020-12843 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 9.8 Critical |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. | ||||
| CVE-2020-12837 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 7.5 High |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. | ||||
| CVE-2020-12828 | 1 Pango | 1 Virtual Private Network Software Development Kit | 2024-11-21 | 9.8 Critical |
| An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges. | ||||
| CVE-2020-12800 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2024-11-21 | 9.8 Critical |
| The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file. | ||||
| CVE-2020-12715 | 1 Rainbowfishsoftware | 1 Pacsone Server | 2024-11-21 | 8.8 High |
| RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | ||||
| CVE-2020-12675 | 1 Mappresspro | 1 Mappress | 2024-11-21 | 8.8 High |
| The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. | ||||
| CVE-2020-12255 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 8.8 High |
| rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. | ||||
| CVE-2020-12252 | 1 Gigamon | 1 Gigavue | 2024-11-21 | 6.2 Medium |
| An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter. | ||||
| CVE-2020-12077 | 1 Mappresspro | 1 Mappress | 2024-11-21 | 8.8 High |
| The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. | ||||
| CVE-2020-12005 | 1 Rockwellautomation | 2 Factorytalk Linx, Rslinx Classic | 2024-11-21 | 7.5 High |
| FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. A vulnerability exists in the communication function that enables users to upload EDS files by FactoryTalk Linx. This may allow an attacker to upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition. | ||||
| CVE-2020-11943 | 1 Opmantek | 1 Open-audit | 2024-11-21 | 8.8 High |
| An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload. | ||||