• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2020-23790

February 26, 2023 by

An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.

CVE-2020-23828

February 26, 2023 by

A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses /Online%20Course%20Registration/my-profile.php with the POST parameter photo.

CVE-2020-23829

February 26, 2023 by

interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suffers from an authenticated file upload vulnerability, allowing remote attackers to achieve remote code execution (RCE) on the hosting webserver by uploading a maliciously crafted image.

CVE-2020-23572

February 26, 2023 by

BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file.

CVE-2020-23591

February 26, 2023 by

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through ” /mgm_dev_upgrade.asp ” which can “delete every file for Denial of Service (using ‘rm -rf *.*’ in the code), reverse connection (using ‘.asp’ webshell), backdoor.

CVE-2020-23520

February 26, 2023 by

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 50
  • Go to page 51
  • Go to page 52
  • Go to page 53
  • Go to page 54
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE