• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2021-40524

February 23, 2023 by

In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. (Versions 1.0.23 through 1.0.49 are affected.)

CVE-2021-40531

February 23, 2023 by

Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.

CVE-2021-40324

February 23, 2023 by

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

CVE-2021-40344

February 23, 2023 by

An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command execution.

CVE-2021-40175

February 23, 2023 by

Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.

CVE-2021-40188

February 23, 2023 by

PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as “.php, .php7, .phtml, .php5, …”. An attacker can upload a malicious file and execute code on the server.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 115
  • Go to page 116
  • Go to page 117
  • Go to page 118
  • Go to page 119
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE