


Unrestricted file upload vulnerability


News category: Vulnerabilities
Source: portal.patchman.co

Using this vulnerability, a form submitter could bypass Contact Form 7's filename sanitization and upload a file that could be executed as a script on the host server.

This vulnerability affects the following application versions:

  • Contact Form 7 3.5.3
  • Contact Form 7 3.5.4
  • Contact Form 7 3.6
  • Contact Form 7 3.7
  • Contact Form 7 3.7.1
  • Contact Form 7 3.7.2
  • Contact Form 7 3.8
  • Contact Form 7 3.8.1
  • Contact Form 7 3.9
  • Contact Form 7 3.9.1
  • Contact Form 7 3.9.2
  • Contact Form 7 3.9.3
  • Contact Form 7 3.9-beta
  • Contact Form 7 4.0
  • Contact Form 7 4.0.1
  • Contact Form 7 4.0.2
  • Contact Form 7 4.0.3
  • Contact Form 7 4.1
  • Contact Form 7 4.1.1
  • Contact Form 7 4.1.2
  • Contact Form 7 4.1-beta
  • Contact Form 7 4.2
  • Contact Form 7 4.2.1
  • Contact Form 7 4.2.2
  • Contact Form 7 4.2-beta
  • Contact Form 7 4.3
  • Contact Form 7 4.3.1
  • Contact Form 7 4.4
  • Contact Form 7 4.4.1
  • Contact Form 7 4.4.2
  • Contact Form 7 4.5
  • Contact Form 7 4.5.1
  • Contact Form 7 4.6
  • Contact Form 7 4.6.1
  • Contact Form 7 4.7
  • Contact Form 7 4.8
  • Contact Form 7 4.8.1
  • Contact Form 7 4.9
  • Contact Form 7 4.9.1
  • Contact Form 7 4.9.2
  • Contact Form 7 5.0
  • Contact Form 7 5.0.1
  • Contact Form 7 5.0.2
  • Contact Form 7 5.0.3
  • Contact Form 7 5.0.4
  • Contact Form 7 5.0.5
  • Contact Form 7 5.1
  • Contact Form 7 5.1.1
  • Contact Form 7 5.1.2
  • Contact Form 7 5.1.3
  • Contact Form 7 5.1.4
  • Contact Form 7 5.1.5
  • Contact Form 7 5.1.6
  • Contact Form 7 5.1.7
  • Contact Form 7 5.1.8
  • Contact Form 7 5.1.9
  • Contact Form 7 5.2
  • Contact Form 7 5.2.1
  • Contact Form 7 5.2.2
  • Contact Form 7 5.3
  • Contact Form 7 5.3.1
...


