• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2020-20287

February 26, 2023 by

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function’s improper judgment of the request parameters, triggers remote code execution.

CVE-2020-20092

February 26, 2023 by

File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

CVE-2020-19642

February 26, 2023 by

An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. A local attacker can execute arbitrary code via editing the ‘recdata.db’ file to call a specially crafted GoAhead ASP-file on the SD card.

CVE-2020-19672

February 26, 2023 by

Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.

CVE-2020-19510

February 26, 2023 by

Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.

CVE-2020-19302

February 26, 2023 by

An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to “.php”.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 55
  • Go to page 56
  • Go to page 57
  • Go to page 58
  • Go to page 59
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE