Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file upload vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows malicious users to execute arbitrary code via uploading a crafted image file.
1 Github repository
NA
CVE-2024-31777
File Upload vulnerability in openeclass v.3.15 and before allows an malicious user to execute arbitrary code via a crafted file to the certbadge.php endpoint.
1 Github repository
NA
CVE-2024-34683
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.
NA
CVE-2024-35746
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a up to and including 2.1.4.2.
Buddypress Cover Project Buddypress Cover
NA
CVE-2023-45188
IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted request, a remote attacker could exploit this vulnerability to uplo...
NA
CVE-2024-36811
An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows malicious users to execute arbitrary code via uploading a crafted PHP file.
NA
CVE-2024-5745
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It i...
NA
CVE-2024-5734
A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. T...
NA
CVE-2024-4620
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin prior to 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form
NA
CVE-2024-36774
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows malicious users to execute arbitrary code via uploading a crafted PHP file.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »