Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-13774

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-12 Nov, 2020 | 19:22
Updated At-04 Aug, 2024 | 12:25
Rejected At-
Credits

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:12 Nov, 2020 | 19:22
Updated At:04 Aug, 2024 | 12:25
Rejected At:
▼CVE Numbering Authority (CNA)

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
x_refsource_MISC
Hyperlink: https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
x_refsource_MISC
x_transferred
Hyperlink: https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Nov, 2020 | 20:15
Updated At:02 Dec, 2020 | 16:27

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches
Ivanti Software
ivanti
>>endpoint_manager>>2019.1
cpe:2.3:a:ivanti:endpoint_manager:2019.1:*:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2020.1
cpe:2.3:a:ivanti:endpoint_manager:2020.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-434Primarynvd@nist.gov
CWE ID: CWE-434
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/cve@mitre.org
Third Party Advisory
Hyperlink: https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

219Records found
CVE-2023-46808
Matching Score-10
Assigner-HackerOne
ShareView Details
Matching Score-10
Assigner-HackerOne
CVSS Score-9.9||CRITICAL
EPSS-7.98% / 91.71%
||
7 Day CHG~0.00%
Published-31 Mar, 2024 | 01:45
Updated-02 Aug, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user.

Action-Not Available
Vendor-Ivanti Software
Product-neurons_for_itsmITSMneurons_for_itsm
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-22908
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-31.77% / 96.65%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 11:14
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default.

Action-Not Available
Vendor-n/aIvanti SoftwarePulse Secure
Product-pulse_connect_secureconnect_securePulse Connect Secure
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-22467
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-9.9||CRITICAL
EPSS-31.33% / 96.61%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 15:20
Updated-20 Feb, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-3540
Matching Score-8
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-8
Assigner-Rapid7, Inc.
CVSS Score-6.5||MEDIUM
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 18:27
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ivanti MobileIron Core clish Restricted Shell Escape via Argument Injection

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

Action-Not Available
Vendor-Ivanti Software
Product-mobileironMobileIron Core
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2021-3198
Matching Score-8
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-8
Assigner-Rapid7, Inc.
CVSS Score-6.5||MEDIUM
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 18:27
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ivanti MobileIron Core clish Restricted Shell Escape via OS Command Injection

By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

Action-Not Available
Vendor-Ivanti Software
Product-mobileironMobileIron Core
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-22894
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-49.66% / 97.73%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 11:15
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-04-23||Apply updates per vendor instructions.

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.

Action-Not Available
Vendor-n/aIvanti Software
Product-connect_securePulse Connect SecurePulse Connect Secure
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-29848
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-21.20% / 95.45%
||
7 Day CHG~0.00%
Published-31 May, 2024 | 17:38
Updated-06 May, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-8260
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-70.36% / 98.62%
||
7 Day CHG~0.00%
Published-28 Oct, 2020 | 12:47
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-04-23||Apply updates per vendor instructions.

A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.

Action-Not Available
Vendor-n/aIvanti Software
Product-connect_securePulse Connect Secure / Pulse Policy SecurePulse Connect Secure
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-8297
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-1.03% / 76.37%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 14:37
Updated-15 Aug, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-22060
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-8.7||HIGH
EPSS-4.75% / 89.01%
||
7 Day CHG~0.00%
Published-31 May, 2024 | 17:38
Updated-25 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM server.

Action-Not Available
Vendor-IvantiIvanti Software
Product-ITSMneurons_for_itsm
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-13171
Matching Score-6
Assigner-Ivanti
ShareView Details
Matching Score-6
Assigner-Ivanti
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.03%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 17:16
Updated-11 Jul, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEndpoint Manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-46263
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-78.85% / 99.01%
||
7 Day CHG~0.00%
Published-19 Dec, 2023 | 15:43
Updated-02 Aug, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution.

Action-Not Available
Vendor-Ivanti SoftwareMicrosoft Corporation
Product-windowsavalancheAvalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-46264
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-65.08% / 98.41%
||
7 Day CHG~0.00%
Published-19 Dec, 2023 | 15:43
Updated-04 Sep, 2024 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.

Action-Not Available
Vendor-Ivanti SoftwareMicrosoft Corporation
Product-windowsavalancheAvalancheavalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-12377
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.26% / 91.88%
||
7 Day CHG~0.00%
Published-03 Jun, 2019 | 19:19
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 allows arbitrary file upload, which may lead to arbitrary remote code execution.

Action-Not Available
Vendor-n/aIvanti Software
Product-landesk_management_suiten/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41725
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.85%
||
7 Day CHG~0.00%
Published-03 Nov, 2023 | 18:13
Updated-05 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-32564
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-6.8||MEDIUM
EPSS-27.34% / 96.22%
||
7 Day CHG~0.00%
Published-10 Aug, 2023 | 19:04
Updated-09 Oct, 2024 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-32562
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-6.8||MEDIUM
EPSS-27.34% / 96.22%
||
7 Day CHG~0.00%
Published-10 Aug, 2023 | 19:04
Updated-06 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-28128
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-86.61% / 99.38%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 00:00
Updated-28 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheAvalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-42133
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-8.1||HIGH
EPSS-3.58% / 87.29%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:13
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CVE-2021-42125
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-49.35% / 97.71%
||
7 Day CHG-1.82%
Published-07 Dec, 2021 | 13:12
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.

Action-Not Available
Vendor-n/aIvanti Software
Product-avalancheIvanti Avalance
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-23534
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.95% / 82.70%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-22937
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-7.49% / 91.40%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 18:38
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.

Action-Not Available
Vendor-n/aIvanti SoftwarePulse Secure
Product-pulse_connect_secureconnect_securePulse Connect Secure
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-4197
Matching Score-4
Assigner-Avaya, Inc.
ShareView Details
Matching Score-4
Assigner-Avaya, Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.89% / 74.50%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 04:01
Updated-21 Jan, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to 11.1.3.1.

Action-Not Available
Vendor-Avaya LLC
Product-ip_officeIP Officeip_office
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-13021
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.44% / 79.91%
||
7 Day CHG~0.00%
Published-29 Jun, 2018 | 17:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI.

Action-Not Available
Vendor-hongcms_projectn/a
Product-hongcmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-11638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-2.38% / 84.38%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 17:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution.

Action-Not Available
Vendor-dialogicn/a
Product-powermedia_xmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-1215
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-10.72% / 93.03%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 15:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_vasa_virtual_applianceemc_solutions_enabler_virtual_applianceemc_unisphere_for_vmax_virtual_applianceemc_vmax_embedded_managementvApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement)
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-11340
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.76% / 72.30%
||
7 Day CHG~0.00%
Published-22 May, 2018 | 01:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed.

Action-Not Available
Vendor-n/aASUSTOR Inc.
Product-as6202tas6202t_firmwaren/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-10577
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.85% / 89.14%
||
7 Day CHG~0.00%
Published-02 May, 2018 | 21:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root.

Action-Not Available
Vendor-n/aWatchGuard Technologies, Inc.
Product-ap102ap200_firmwareap100ap300_firmwareap300ap100_firmwareap200ap102_firmwaren/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-37762
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-25.14% / 95.97%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 00:00
Updated-30 Apr, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution.

Action-Not Available
Vendor-machformn/amachform
Product-machformn/amachform
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-10173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.78% / 81.93%
||
7 Day CHG~0.00%
Published-20 Apr, 2018 | 21:00
Updated-05 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.

Action-Not Available
Vendor-digitalguardiann/a
Product-management_consolen/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2017-9970
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.2||HIGH
EPSS-2.94% / 85.89%
||
7 Day CHG~0.00%
Published-12 Feb, 2018 | 23:00
Updated-16 Sep, 2024 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution.

Action-Not Available
Vendor-n/a
Product-struxureon_gatewayn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-37420
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.85% / 74.04%
||
7 Day CHG+0.17%
Published-09 Jul, 2024 | 10:18
Updated-02 Aug, 2024 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1.

Action-Not Available
Vendor-WPZitawpzita
Product-Zita Elementor Site Libraryzita_elementor_site_library
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2017-9279
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-2||LOW
EPSS-0.18% / 39.36%
||
7 Day CHG~0.00%
Published-02 Mar, 2018 | 20:00
Updated-17 Sep, 2024 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetIQ Identity Manager allowed uploading of user icons with incorrect types or extensions

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.

Action-Not Available
Vendor-netiqNetIQ
Product-identity_managerIdentity Manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-20
Improper Input Validation
CVE-2024-37424
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.93% / 75.21%
||
7 Day CHG+0.19%
Published-09 Jul, 2024 | 10:21
Updated-02 Aug, 2024 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Newspack Blocks plugin <= 3.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Automattic Newspack Blocks allows Upload a Web Shell to a Web Server.This issue affects Newspack Blocks: from n/a through 3.0.8.

Action-Not Available
Vendor-Automattic Inc.
Product-Newspack Blocksnewspack_newsletters
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-37418
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-1.17% / 77.83%
||
7 Day CHG-0.05%
Published-09 Jul, 2024 | 10:15
Updated-02 Aug, 2024 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Church Admin plugin <= 4.4.6 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin allows Upload a Web Shell to a Web Server.This issue affects Church Admin: from n/a through 4.4.6.

Action-Not Available
Vendor-Andy Moyleandymoyle
Product-Church Adminchurch_admin
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-34411
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.56% / 67.28%
||
7 Day CHG~0.00%
Published-13 May, 2024 | 08:57
Updated-02 Aug, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Thomas Scholl canvasio3D Light.This issue affects canvasio3D Light: from n/a through 2.5.0.

Action-Not Available
Vendor-Thomas Scholl
Product-canvasio3D Light
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-31286
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.80% / 73.08%
||
7 Day CHG+0.21%
Published-07 Apr, 2024 | 17:30
Updated-02 Aug, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Photo Album Plus plugin < 8.6.03.005 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005.

Action-Not Available
Vendor-J.N. Breetvelt a.k.a. OpaJaap
Product-WP Photo Album Plus
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-32514
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.48% / 64.24%
||
7 Day CHG~0.00%
Published-17 Apr, 2024 | 07:58
Updated-09 Jun, 2025 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Poll Maker plugin <= 3.4 - Authenticated Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.4.

Action-Not Available
Vendor-infothemePoll Maker & Voting Plugin Team (InfoTheme)
Product-wp_poll_makerWP Poll Maker
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-30500
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.77% / 72.57%
||
7 Day CHG~0.00%
Published-29 Mar, 2024 | 13:35
Updated-27 Feb, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress CubeWP plugin <= 1.1.12 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in CubeWP CubeWP – All-in-One Dynamic Content Framework.This issue affects CubeWP – All-in-One Dynamic Content Framework: from n/a through 1.1.12.

Action-Not Available
Vendor-cubewpCubeWP
Product-cubewpCubeWP – All-in-One Dynamic Content Framework
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-29135
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.47% / 63.82%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 13:51
Updated-25 Feb, 2025 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Tourfic plugin <= 2.11.15 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Tourfic.This issue affects Tourfic: from n/a through 2.11.15.

Action-Not Available
Vendor-themeficthemefic
Product-tourficTourfictourfic
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-47663
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.06% / 19.85%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 12:43
Updated-27 May, 2025 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Hospital Management System plugin <= 47.0(20-11-2023) - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System allows Upload a Web Shell to a Web Server. This issue affects Hospital Management System: from 47.0(20 through 11.

Action-Not Available
Vendor-mojoomla
Product-Hospital Management System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-46157
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-0.13% / 33.73%
||
7 Day CHG+0.02%
Published-18 Jun, 2025 | 00:00
Updated-23 Jun, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-6965
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.9||CRITICAL
EPSS-0.30% / 52.78%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:06
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package.

Action-Not Available
Vendor-gehealthcaren/a
Product-carescape_central_station_mas700clinical_information_center_mp100dclinical_information_center_mp100d_firmwarecarescape_telemetry_server_mp100r_firmwarecarescape_b850_monitor_firmwarecarescape_telemetry_server_mp100rcarescape_central_station_mas700_firmwarecarescape_b450_monitorcarescape_b650_monitorapexpro_telemetry_server_firmwarecarescape_central_station_mai700_firmwarecarescape_central_station_mai700apexpro_telemetry_serverclinical_information_center_mp100rclinical_information_center_mp100r_firmwarecarescape_b450_monitor_firmwarecarescape_b650_monitor_firmwarecarescape_b850_monitorGE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-20
Improper Input Validation
CVE-2020-7055
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-2.07% / 83.20%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 17:02
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.

Action-Not Available
Vendor-elementorn/a
Product-elementor_page_buildern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-25909
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.9||CRITICAL
EPSS-0.56% / 67.11%
||
7 Day CHG~0.00%
Published-26 Feb, 2024 | 15:28
Updated-08 May, 2025 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Media folder Plugin <= 5.7.2 is vulnerable to Arbitrary File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.

Action-Not Available
Vendor-JoomUnited
Product-wp_media_folderWP Media folderwp_media_folder
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-4620
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-4.14% / 88.19%
||
7 Day CHG~0.00%
Published-22 Sep, 2020 | 13:55
Updated-16 Sep, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 184979.

Action-Not Available
Vendor-IBM Corporation
Product-data_risk_managerData Risk Manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-5256
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.9||HIGH
EPSS-0.68% / 70.54%
||
7 Day CHG~0.00%
Published-09 Mar, 2020 | 15:50
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution Through Image Uploads in BookStack

BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where non-trusted users are given permission to upload images in any area of the application. The issue was addressed in a series of patches in versions 0.25.3, 0.25.4 and 0.25.5. Users should upgrade to at least v0.25.5 to avoid this vulnerability.

Action-Not Available
Vendor-bookstackappBookStackApp
Product-bookstackBookStack
CWE ID-CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2022-23155
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.74% / 71.88%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 20:00
Updated-17 Sep, 2024 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.

Action-Not Available
Vendor-Dell Inc.
Product-wyse_management_suiteWyse Management Suite
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-35945
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-2.23% / 83.86%
||
7 Day CHG~0.00%
Published-01 Jan, 2021 | 03:28
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the client side.

Action-Not Available
Vendor-elegant_themesn/a
Product-divi_extradividivi_buildern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-1644
Matching Score-4
Assigner-Fluid Attacks
ShareView Details
Matching Score-4
Assigner-Fluid Attacks
CVSS Score-9.9||CRITICAL
EPSS-0.31% / 53.77%
||
7 Day CHG~0.00%
Published-19 Feb, 2024 | 23:54
Updated-31 Dec, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suite CRM v7.14.2 - RCE via Local File Inclusion

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI.

Action-Not Available
Vendor-SuiteCRM Ltd.SalesAgility Ltd.
Product-suitecrmSuite CRM
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found