CWE-434

licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request.

cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).

cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in “.php” with mixed case, such as the .pHp extension.

An issue was discovered in Gurock TestRail 5.6.0.3853. An “Unrestricted Upload of File” vulnerability exists in the image-upload form (available in the description editor), allowing remote authenticated users to execute arbitrary code by uploading an image file with an executable extension but a safe Content-Type value, and then accessing it via a direct request to the file in the file-upload directory (if it’s accessible according to the server configuration).