Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-20 | CVE-2024-52677 | Unrestricted Upload of File with Dangerous Type vulnerability in Hkcms 2.3.0.230709 HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php. | 9.8 |
| 2024-11-20 | CVE-2024-51208 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Boat Booking System 1.0 File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | 7.2 |
| 2024-11-18 | CVE-2024-52429 | Unrestricted Upload of File with Dangerous Type vulnerability in Antonhoelstad WP Quick Setup Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. | 8.8 |
| 2024-11-18 | CVE-2024-11311 | Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. | 9.8 |
| 2024-11-18 | CVE-2024-11312 | Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. | 9.8 |
| 2024-11-18 | CVE-2024-11313 | Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. | 9.8 |
| 2024-11-18 | CVE-2024-11314 | Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. | 9.8 |
| 2024-11-18 | CVE-2024-11315 | Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. | 9.8 |
| 2024-11-16 | CVE-2024-8856 | The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. | 9.8 |
| 2024-11-15 | CVE-2024-50652 | Unrestricted Upload of File with Dangerous Type vulnerability in Geeeeeeeek Java Shop 1.0 A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function. | 4.3 |