VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Unrestricted Upload of File with Dangerous Type
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-20
CVE-2024-40695
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.
network
low complexity
CWE-434
8.0
8.0
2024-12-14
CVE-2024-9698
The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'process_uploaded_files' function in all versions up to, and including, 3.3.
network
low complexity
CWE-434
7.2
7.2
2024-12-13
CVE-2024-9290
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3.
network
low complexity
CWE-434
critical
9.8
9.8
2024-12-13
CVE-2024-12042
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the profile picture upload functionality in all versions up to, and including, 4.16.4 due to insufficient file type validation.
network
low complexity
CWE-434
5.4
5.4
2024-12-12
CVE-2024-10590
The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the admin_upload() function in all versions up to, and including, 4.07.
network
low complexity
CWE-434
8.8
8.8
2024-12-05
CVE-2024-12233
Unrestricted Upload of File with Dangerous Type vulnerability in Fabianros Online Notice Board 1.0
A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical.
network
low complexity
fabianros
CWE-434
critical
9.8
9.8
2024-12-03
CVE-2024-25020
Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by allowing unrestricted filetype attachments in the Journal entry page.
network
low complexity
ibm
CWE-434
critical
9.8
9.8
2024-12-03
CVE-2024-25019
Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments.
network
low complexity
ibm
CWE-434
critical
9.8
9.8
2024-12-03
CVE-2024-40691
Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.
network
low complexity
ibm
CWE-434
critical
9.8
9.8
2024-11-28
CVE-2024-11971
Unrestricted Upload of File with Dangerous Type vulnerability in Jpress 5.1.2
A vulnerability classified as problematic was found in Guizhou Xiaoma Technology jpress 5.1.2.
network
low complexity
jpress
CWE-434
5.4
5.4
«
1
(current)
2
3
4
5
...
191
192
»
Next