CWE-434

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function’s improper judgment of the request parameters, triggers remote code execution.

File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the ‘recdata.db’ file to call a specially crafted GoAhead ASP-file on the SD card.

Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.

Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.

An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to “.php”.