Total
3524 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10292 | 1 Zzcms | 1 Zzcms | 2024-10-30 | 6.3 Medium |
| A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10293 | 1 Zzcms | 1 Zzcms | 2024-10-30 | 6.3 Medium |
| A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10410 | 2 Janobe, Sourcecodester | 2 Online Hotel Reservation System, Online Hotel Reservation System | 2024-10-29 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10413 | 1 Janobe | 1 Online Hotel Reservation System | 2024-10-29 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-50494 | 1 Amin Omer | 1 Wc Sudan Payment Gateway | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for WooCommerce: from n/a through 1.2.2. | ||||
| CVE-2024-50493 | 1 Masterhomepage | 1 Automatic Translation | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through 1.0.4. | ||||
| CVE-2024-50484 | 1 Mahlamusa | 1 Multi Purpose Mail Form | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through 1.0.2. | ||||
| CVE-2024-50482 | 1 Chetan Khandla | 1 Woocommerce Product Design | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Chetan Khandla Woocommerce Product Design allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Product Design: from n/a through 1.0.0. | ||||
| CVE-2024-50473 | 1 Ajar Productions | 1 Ajar In5 Embed | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through 3.1.3. | ||||
| CVE-2024-50420 | 1 Adirectory | 1 Adirectory | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in adirectory aDirectory allows Upload a Web Shell to a Web Server.This issue affects aDirectory: from n/a through 1.3. | ||||
| CVE-2024-50480 | 1 Azexo | 1 Marketing Automation By Azexo | 2024-10-29 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n/a through 1.27.80. | ||||
| CVE-2024-50427 | 1 Devsoft Baltic | 1 Surveyjs | 2024-10-29 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Devsoft Baltic OĆ SurveyJS: Drag & Drop WordPress Form Builder.This issue affects SurveyJS: Drag & Drop WordPress Form Builder: from n/a through 1.9.136. | ||||
| CVE-2024-10420 | 1 Nurhodelta17 | 1 Attendance And Payroll System | 2024-10-29 | 6.3 Medium |
| A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9932 | 1 Jurre De Klijn | 1 Wux Blog Editor | 2024-10-28 | 9.8 Critical |
| The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2024-49669 | 1 Alexander De Ridder | 1 Ink Official | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through 4.1.2. | ||||
| CVE-2024-49658 | 1 Ecomerciar | 1 Woocommerce Custom Profile Picture | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ecomerciar Woocommerce Custom Profile Picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through 1.0. | ||||
| CVE-2024-49653 | 1 James Egger | 1 Portfolleo | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in James Eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through 1.2. | ||||
| CVE-2024-49668 | 1 Admin | 1 Verbalize | 2024-10-25 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Admin Verbalize WP Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through 1.0. | ||||
| CVE-2024-49671 | 1 Postpix | 1 Ai Postpix | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Dogu Pekgoz AI Image Generator for Your Content & Featured Images ā AI Postpix allows Upload a Web Shell to a Web Server.This issue affects AI Image Generator for Your Content & Featured Images ā AI Postpix: from n/a through 1.1.8. | ||||
| CVE-2024-49676 | 2024-10-25 | 6.6 Medium | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through 0.3.3. | ||||