• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2022-28695

February 23, 2023 by godfreyd94

On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVE-2022-28700

February 23, 2023 by godfreyd94

Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP’s GiveWP plugin <= 2.20.2 at WordPress.

CVE-2022-2872

February 23, 2023 by godfreyd94

Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.

CVE-2022-28525

February 23, 2023 by godfreyd94

ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.

CVE-2022-28528

February 23, 2023 by godfreyd94

bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.

CVE-2022-28568

February 23, 2023 by godfreyd94

Sourcecodester Doctor’s Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 194
  • Go to page 195
  • Go to page 196
  • Go to page 197
  • Go to page 198
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE