Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
file upload vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1956
File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable to contain a value of '~~~~~~' (six tildes), which bypasses the file extension checks....
File Upload Manager File Upload Manager
6.8
CVSSv2
CVE-2014-5199
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of...
Wordpress File Upload Project Wordpress File Upload
6.8
CVSSv2
CVE-2015-4379
Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of certain users for requests that delete files via unspecified vectors....
Webform Multiple File Upload Project Webform Multiple File Upload 6.x-1.0
Webform Multiple File Upload Project Webform Multiple File Upload 6.x-1.1
Webform Multiple File Upload Project Webform Multiple File Upload 6.x-1.2
Webform Multiple File Upload Project Webform Multiple File Upload 7.x-1.2
Webform Multiple File Upload Project Webform Multiple File Upload 7.x-1.x
7.5
CVSSv2
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...
Jquery File Upload Project Jquery File Upload
3 EDB exploits available
1 Metasploit module available
26 Github repositories available
1 Article available
7.5
CVSSv2
CVE-2008-2510
SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter....
Wordpress Upload File Plugin
1 EDB exploit available
4.3
CVSSv2
CVE-2018-9844
The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS....
Iptanus Wordpress File Upload
1 EDB exploit available
7.5
CVSSv2
CVE-2014-8739
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote...
Creative-solutions Creative Contact Form
Jquery File Upload Project Jquery File Upload 6.4.4
2 EDB exploits available
9.3
CVSSv2
CVE-2007-2563
Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attackers to execute arbitrary code via a long argument....
Versalsoft Http File Upload Activex Control
2 EDB exploits available
5
CVSSv2
CVE-2015-9338
The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files....
Iptanus Wordpress File Upload
7.5
CVSSv2
CVE-2018-9207
Arbitrary file upload in jQuery Upload File <= 4.0.2...
Hayageek Jquery Upload File
4 Github repositories available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24027
open redirect
CVE-2021-30487
CVE-2021-28048
CVE-2021-23886
local file inclusion
CVE-2021-28483
log injection
CVE-2021-29448
Get Started
1
2
3
4
5
NEXT »