WEB APPLICATION VULNERABILITIES Standard & Premium

Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-16530)

Description

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.

Remediation

References

Related Vulnerabilities

WordPress Plugin WP Image Zoom Local File Inclusion (1.46)

Oracle Database Server CVE-2006-0260 Vulnerability (CVE-2006-0260)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-7130)

WordPress Plugin Simple Image Manipulator Arbitrary File Download (1.0)

WordPress Plugin Download Shortcode Local File Inclusion (0.2.3)

Severity

High

Classification

CVE-2019-16530 CWE-434 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities