Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file upload vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3381
SturGeoN Upload allows remote malicious users to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product.
Sturgeon Upload Sturgeon Upload
1 EDB exploit
7.5
CVSSv2
CVE-2012-1205
PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin prior to 0.20 for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the abspath parameter.
Alanft Relocate-upload
Alanft Relocate-upload 0.10
Alanft Relocate-upload 0.11
1 EDB exploit
6.8
CVSSv2
CVE-2007-0497
PHP remote file inclusion vulnerability in upload/top.php in Upload-Service 1.0, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the maindir parameter.
Upload-service Upload-service 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2013-5963
Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin prior to 1.8.8.1 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-co...
Cdsincdesign Simple Dropbox Upload Form
Cdsincdesign Simple Dropbox Upload Form 0.5.0
Cdsincdesign Simple Dropbox Upload Form 1.0.0
Cdsincdesign Simple Dropbox Upload Form 1.1.0
Cdsincdesign Simple Dropbox Upload Form 1.1.1
Cdsincdesign Simple Dropbox Upload Form 1.1.2
Cdsincdesign Simple Dropbox Upload Form 1.2.0
Cdsincdesign Simple Dropbox Upload Form 1.3.0
Cdsincdesign Simple Dropbox Upload Form 1.3.1
Cdsincdesign Simple Dropbox Upload Form 1.4.0
Cdsincdesign Simple Dropbox Upload Form 1.5.0
Cdsincdesign Simple Dropbox Upload Form 1.5.1
Cdsincdesign Simple Dropbox Upload Form 1.5.2
Cdsincdesign Simple Dropbox Upload Form 1.5.3
Cdsincdesign Simple Dropbox Upload Form 1.6.0
Cdsincdesign Simple Dropbox Upload Form 1.7.0
Cdsincdesign Simple Dropbox Upload Form 1.8.0
Cdsincdesign Simple Dropbox Upload Form 1.8.1
Cdsincdesign Simple Dropbox Upload Form 1.8.2
Cdsincdesign Simple Dropbox Upload Form 1.8.3
Cdsincdesign Simple Dropbox Upload Form 1.8.4
Cdsincdesign Simple Dropbox Upload Form 1.8.5
5
CVSSv2
CVE-2006-7133
Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote malicious users to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter.
Php Upload Tool Php Upload Tool 1.0
1 EDB exploit
8.5
CVSSv2
CVE-2008-6207
Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information ...
Phpg Upload Phpg Upload 1.0
7.5
CVSSv2
CVE-2022-29353
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows malicious users to execute arbitrary code via a crafted filename.
Graphql-upload Project Graphql-upload 13.0.0
7.5
CVSSv2
CVE-2015-4607
Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and previous versions for TYPO3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it via a di...
Frontend User Upload Project Frontend User Upload
3.5
CVSSv2
CVE-2010-0697
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x prior to 6.x-1.2 and 6.x-2.x prior to 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an...
Ilya Ivanchenko Itweak Upload 6.x-1.0
Ilya Ivanchenko Itweak Upload 6.x-1.1
Ilya Ivanchenko Itweak Upload 6.x-1.x-dev
Ilya Ivanchenko Itweak Upload 6.x-2.0
Ilya Ivanchenko Itweak Upload 6.x-2.1
Ilya Ivanchenko Itweak Upload 6.x-2.2
Ilya Ivanchenko Itweak Upload 6.x-2.x-dev
7.5
CVSSv2
CVE-2021-24223
The N5 Upload Form WordPress plugin up to and including 1.0 suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), howeve...
N5 Upload Form Project N5 Upload Form
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »