CVE Vulnerability

CWE-434

CVE-2022-26630

February 23, 2023 by godfreyd94

Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via app.adminControllersdb.php.

CVE-2022-26645

February 23, 2023 by godfreyd94

A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.

CVE-2022-26521

February 23, 2023 by godfreyd94

Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type).

CVE-2022-2647

February 23, 2023 by godfreyd94

A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205594 is the identifier assigned to this vulnerability.

CVE-2022-26352

February 23, 2023 by godfreyd94

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.

CVE-2022-26149

February 23, 2023 by godfreyd94

MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.


Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE