• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2020-28140

February 26, 2023 by

SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php.

CVE-2020-28165

February 26, 2023 by

The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage() function.

CVE-2020-28173

February 26, 2023 by

Simple College Website 1.0 allows a user to conduct remote code execution via /alumni/admin/ajax.php?action=save_settings when uploading a malicious file using the image upload functionality, which is stored in /alumni/admin/assets/uploads/.

CVE-2020-28062

February 26, 2023 by

An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. ‘/ Upload/Plugins /, which could let a remote malicious user execute arbitrary code.

CVE-2020-28063

February 26, 2023 by

A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.

CVE-2020-28072

February 26, 2023 by

A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 40
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE