Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2020-7055
An issue exists in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an malicious user to execute code via a crafted ZIP archive.
Elementor Elementor Page Builder
9.9
CVSSv3
CVE-2019-5138
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the dev...
Moxa Awk-3131a Firmware 1.13
9.9
CVSSv3
CVE-2013-3960
Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass
Easytimestudio Easy File Manager 1.1
9.9
CVSSv3
CVE-2019-19896
In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. The default file permissions of the IXP$ share on the server allows modification of directories and files (e.g., bat-scripts), which allows execution of code in the cont...
Ixpdata Easyinstall 6.2.13723
9.9
CVSSv3
CVE-2015-5951
A file upload issue exists in the specid parameter in Thomson Reuters FATCH prior to 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
Thomsonreuters Fatca
9.9
CVSSv3
CVE-2018-18406
An issue exists in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the r...
Tufin Securetrack 18.1
9.9
CVSSv3
CVE-2019-4013
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
Ibm Bigfix Platform
1 EDB exploit
9.9
CVSSv3
CVE-2018-19586
Silverpeas 5.15 up to and including 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to writ...
Silverpeas Silverpeas
9.9
CVSSv3
CVE-2018-18810
The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other syst...
Tibco Managed File Transfer Internet Server 8.1.0
Tibco Managed File Transfer Command Center
Tibco Managed File Transfer Command Center 8.1.0
Tibco Managed File Transfer Internet Server
9.9
CVSSv3
CVE-2018-16367
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include.
Qduoj Onlinejudge 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »