Page 6 of 8830 results (0.009 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells. • https://www.twcert.org.tw/en/cp-139-8253-bc363-2.html https://www.twcert.org.tw/tw/cp-132-8252-91d6a-1.html • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells. • https://www.twcert.org.tw/en/cp-139-8251-3455e-2.html https://www.twcert.org.tw/tw/cp-132-8250-1837b-1.html • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells. • https://www.twcert.org.tw/en/cp-139-8249-65252-2.html https://www.twcert.org.tw/tw/cp-132-8248-8dac9-1.html • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells. • https://www.twcert.org.tw/en/cp-139-8247-83457-2.html https://www.twcert.org.tw/tw/cp-132-8246-d462a-1.html • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such as .jsp. can lead to arbitrary command execution • https://gist.github.com/microvorld/516552dcef65acc2d1ab0fb969cd34a3 https://github.com/JPressProjects/jpress https://github.com/microvorld/CVE-2024/blob/main/jpress.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •