• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2019-16530

February 26, 2023 by

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.

CVE-2019-16318

February 26, 2023 by

In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.

CVE-2019-16192

February 26, 2023 by

upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.

CVE-2019-16131

February 26, 2023 by

framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/.

CVE-2019-16066

February 26, 2023 by

An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. This allows an attacker to upload malicious files and perform arbitrary code execution on the system.

CVE-2019-15936

February 26, 2023 by

Intesync Solismed 3.3sp allows Insecure File Upload.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 87
  • Go to page 88
  • Go to page 89
  • Go to page 90
  • Go to page 91
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE