Total
3867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41178 | 1 Nextcloud | 1 Server | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
|
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud e ...
Show More |
|||||
| CVE-2021-40954 | 1 Laiketui | 1 Laiketui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker to execute arbitrary code.
|
|||||
| CVE-2021-40940 | 1 Monstra | 1 Monstra | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.
|
|||||
| CVE-2021-40905 | 2 Checkmk, Tribe29 | 2 Checkmk, Checkmk | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner
|
|||||
| CVE-2021-40883 | 1 Emlog | 1 Emlog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins.
|
|||||
| CVE-2021-40845 | 1 Zenitel | 1 Alphacom Xe Audio Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory.
|
|||||
| CVE-2021-40531 | 2 Apple, Sketch | 2 Macos, Sketch | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.
|
|||||
| CVE-2021-40344 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command execution.
|
|||||
| CVE-2021-40324 | 1 Cobbler Project | 1 Cobbler | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
|
|||||
| CVE-2021-40189 | 1 Php-fusion | 1 Phpfusion | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/{Theme Folder], where an attacker can access and execute arbitrary code.
|
|||||
| CVE-2021-40188 | 1 Php-fusion | 1 Phpfusion | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server.
|
|||||
| CVE-2021-40175 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.
|
|||||
| CVE-2021-3915 | 1 Bookstackapp | 1 Bookstack | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
|
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
|
|||||
| CVE-2021-3906 | 1 Bookstackapp | 1 Bookstack | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
|
|||||
| CVE-2021-3846 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type
|
|||||
| CVE-2021-3832 | 1 Artica | 1 Integria Ims | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. An unauthenticated attacker could abuse the AsyncUpload() function in order to exploit the vulnerability.
|
|||||
| CVE-2021-3745 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
|
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
|
|||||
| CVE-2021-3378 | 1 Fortilogger | 1 Fortilogger | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp.
|
|||||
| CVE-2021-3277 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files.
|
|||||
| CVE-2021-3166 | 1 Asus | 2 Dsl-n14u B1, Dsl-n14u B1 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary file content as a firmware update when the filename Settings_DSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update, resulting in a persistent outage of those services.
|
|||||
| CVE-2021-3164 | 1 Churchdesk | 1 Churchrota | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.
|
|||||
| CVE-2021-3120 | 1 Yithemes | 1 Yith Woocommerce Gift Cards | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability, an attacker must be able to place a valid Gift Card product into the shopping cart. An uploaded file is placed at a predetermined path on the web server with a user-specified filename and extension. This occurs because t ...
Show More |
|||||
| CVE-2021-39608 | 1 Flatcore | 1 Flatcore-cms | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.
|
|||||
| CVE-2021-39384 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java.
|
|||||
| CVE-2021-39352 | 1 Catchplugins | 1 Catch Themes Demo Import | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.
|
|||||
| CVE-2021-39317 | 1 Accesspressthemes | 43 Access Demo Importer, Accesspress-lite, Accesspress-mag and 40 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. The complete list of affected products and their versions are below: WordPress Plugin: AccessPress Demo Importer <=1.0.6 WordPress Themes: accesspress-basic <= 3.2.1 ...
Show More |
|||||
| CVE-2021-39222 | 1 Nextcloud | 1 Talk | 2024-11-21 | 4.3 MEDIUM | 6.4 MEDIUM |
|
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Talk application was vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, a user would need to right-click on a malicious file and open the file in a new tab. Due the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Talk application is upgraded to patched versions ...
Show More |
|||||
| CVE-2021-39221 | 1 Nextcloud | 1 Contacts | 2024-11-21 | 3.5 LOW | 6.4 MEDIUM |
|
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Contacts application prior to version 4.0.3 was vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, a user would need to right-click on a malicious file and open the file in a new tab. Due the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Contacts application ...
Show More |
|||||
| CVE-2021-39040 | 1 Ibm | 1 Planning Analytics Workspace | 2024-11-21 | 6.0 MEDIUM | 8.0 HIGH |
|
IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025.
|
|||||
| CVE-2021-38945 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.
|
|||||
| CVE-2021-38847 | 1 S-cart | 1 S-cart | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.
|
|||||
| CVE-2021-38841 | 1 Simple Water Refilling Station Management System Project | 1 Simple Water Refilling Station Management System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.
|
|||||
| CVE-2021-38753 | 1 Simple Image Gallery Web App Project | 1 Simple Image Gallery Web App | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app.
|
|||||
| CVE-2021-38697 | 1 Softvibe | 1 Saraban | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
|
|||||
| CVE-2021-38613 | 1 Nascent | 1 Remkon Device Manager | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.
|
|||||
| CVE-2021-38484 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2024-11-21 | 9.0 HIGH | 9.1 CRITICAL |
|
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in cross-site scripting, deletion of system files, and remote code execution.
|
|||||
| CVE-2021-38471 | 1 Auvesy | 1 Versiondog | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.
|
|||||
| CVE-2021-38397 | 1 Honeywell | 8 Application Control Environment, Application Control Environment Firmware, C200 and 5 more | 2024-11-21 | N/A | 10.0 CRITICAL |
|
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
|
|||||
| CVE-2021-38366 | 1 Sitecore | 1 Sitecore | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Sitecore through 10.1, when Update Center is enabled, allows remote authenticated users to upload arbitrary files and achieve remote code execution by visiting an uploaded .aspx file at an admin/Packages URL.
|
|||||
| CVE-2021-38346 | 1 Brizy | 1 Brizy-page Builder | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory traversal, and the file contents were populated via the ibsf parameter, which would be base64-decoded and written to the file. While the plugin added a .jpg extension to all uploaded filenames, a double ...
Show More |
|||||