Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file upload vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-3381
SturGeoN Upload allows remote malicious users to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product.
Sturgeon Upload Sturgeon Upload
1 EDB exploit
755
VMScore
CVE-2012-1205
PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin prior to 0.20 for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the abspath parameter.
Alanft Relocate-upload
Alanft Relocate-upload 0.10
Alanft Relocate-upload 0.11
1 EDB exploit
685
VMScore
CVE-2007-0497
PHP remote file inclusion vulnerability in upload/top.php in Upload-Service 1.0, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the maindir parameter.
Upload-service Upload-service 1.0
1 EDB exploit
605
VMScore
CVE-2013-5963
Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin prior to 1.8.8.1 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-co...
Cdsincdesign Simple Dropbox Upload Form
Cdsincdesign Simple Dropbox Upload Form 0.5.0
Cdsincdesign Simple Dropbox Upload Form 1.0.0
Cdsincdesign Simple Dropbox Upload Form 1.1.0
Cdsincdesign Simple Dropbox Upload Form 1.1.1
Cdsincdesign Simple Dropbox Upload Form 1.1.2
Cdsincdesign Simple Dropbox Upload Form 1.2.0
Cdsincdesign Simple Dropbox Upload Form 1.3.0
Cdsincdesign Simple Dropbox Upload Form 1.3.1
Cdsincdesign Simple Dropbox Upload Form 1.4.0
Cdsincdesign Simple Dropbox Upload Form 1.5.0
Cdsincdesign Simple Dropbox Upload Form 1.5.1
Cdsincdesign Simple Dropbox Upload Form 1.5.2
Cdsincdesign Simple Dropbox Upload Form 1.5.3
Cdsincdesign Simple Dropbox Upload Form 1.6.0
Cdsincdesign Simple Dropbox Upload Form 1.7.0
Cdsincdesign Simple Dropbox Upload Form 1.8.0
Cdsincdesign Simple Dropbox Upload Form 1.8.1
Cdsincdesign Simple Dropbox Upload Form 1.8.2
Cdsincdesign Simple Dropbox Upload Form 1.8.3
Cdsincdesign Simple Dropbox Upload Form 1.8.4
Cdsincdesign Simple Dropbox Upload Form 1.8.5
505
VMScore
CVE-2006-7133
Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote malicious users to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter.
Php Upload Tool Php Upload Tool 1.0
1 EDB exploit
756
VMScore
CVE-2008-6207
Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information ...
Phpg Upload Phpg Upload 1.0
668
VMScore
CVE-2022-29353
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows malicious users to execute arbitrary code via a crafted filename.
Graphql-upload Project Graphql-upload 13.0.0
668
VMScore
CVE-2015-4607
Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and previous versions for TYPO3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it via a di...
Frontend User Upload Project Frontend User Upload
312
VMScore
CVE-2010-0697
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x prior to 6.x-1.2 and 6.x-2.x prior to 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an...
Ilya Ivanchenko Itweak Upload 6.x-1.0
Ilya Ivanchenko Itweak Upload 6.x-1.1
Ilya Ivanchenko Itweak Upload 6.x-1.x-dev
Ilya Ivanchenko Itweak Upload 6.x-2.0
Ilya Ivanchenko Itweak Upload 6.x-2.1
Ilya Ivanchenko Itweak Upload 6.x-2.2
Ilya Ivanchenko Itweak Upload 6.x-2.x-dev
668
VMScore
CVE-2021-24223
The N5 Upload Form WordPress plugin up to and including 1.0 suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), howeve...
N5 Upload Form Project N5 Upload Form
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »