• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2023-0783

February 22, 2023 by godfreyd94

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220641 was assigned to this vulnerability.

CVE-2023-0587

February 22, 2023 by godfreyd94

A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., PCCSRVTEMPSampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed.

CVE-2023-0651

February 22, 2023 by godfreyd94

A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an unknown function of the component Template Management. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-220038 is the identifier assigned to this vulnerability.

CVE-2023-0455

February 22, 2023 by godfreyd94

Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.

CVE-2023-0255

February 22, 2023 by godfreyd94

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

CVE-2023-0257

February 22, 2023 by godfreyd94

A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input leads to unrestricted upload. The attack can be launched remotely. The identifier VDB-218185 was assigned to this vulnerability.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 222
  • Go to page 223
  • Go to page 224

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE