CVE & Exploit Intelligence Database

CVE-2016-2914 5.4 MEDIUM EPSS 0.01

Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

CWE-434 Aug 08, 2016

CVE-2016-3088 9.8 CRITICAL KEV RANSOMWARE 10 PoCs Analysis NUCLEI EPSS 0.94

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

CWE-434 Jun 01, 2016

CVE-2015-4524 EPSS 0.01

Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server.

CWE-434 Jul 04, 2015

CVE-2015-0702 EPSS 0.01

Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.

CWE-434 Apr 21, 2015

CVE-2006-6994 EPSS 0.01

Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks.

CWE-434 Feb 12, 2007

CVE-2006-5845 EPSS 0.01

Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1.

CWE-434 Nov 10, 2006

CVE-2006-4558 1 PoC Analysis EPSS 0.09

DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.

CWE-434 Sep 06, 2006

CVE-2006-4471 EPSS 0.00

The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors.

CWE-434 Aug 31, 2006

CVE-2006-2428 EPSS 0.01

add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be bypassed. NOTE: some of these details are obtained from third party information, since the raw source is vague.

CWE-434 May 17, 2006

CVE-2005-3288 EPSS 0.01

Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.

CWE-434 Oct 23, 2005

CVE-2005-1868 EPSS 0.01

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.

CWE-434 Jun 09, 2005

CVE-2005-1881 1 PoC Analysis EPSS 0.07

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code.

CWE-434 Jun 06, 2005

CVE-2005-0254 3.7 LOW EPSS 0.01

BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.

CWE-434 May 02, 2005

CVE-2004-2262 1 PoC Analysis EPSS 0.22

ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.

CWE-434 Dec 31, 2004

CVE-2002-1841 EPSS 0.01

The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4.

CWE-434 Dec 31, 2002

CVE-2001-0901 EPSS 0.01

Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by requesting the URL for the attachment.

CWE-434 Nov 19, 2001

CVE-2001-1099 EPSS 0.03

The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.

CWE-434 Sep 07, 2001

CVE-2001-0340 EPSS 0.08

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

CWE-434 Jul 21, 2001

CVE-1999-0036 8.4 HIGH 2 PoCs Analysis EPSS 0.01

IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.

CWE-434 May 26, 1997