Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2023-09-25 CVE-2023-5154 ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical.
network
low complexity
CWE-434
8.8
2023-09-25 CVE-2023-5150 ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000 and DAR-8000 up to 20151231.
network
low complexity
CWE-434
8.8
2023-09-25 CVE-2023-5147 ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20151231.
network
low complexity
CWE-434
8.8
2023-09-25 CVE-2023-5148 ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 and DAR-8000 up to 20151231.
network
low complexity
CWE-434
8.8
2023-09-25 CVE-2023-5149 ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20151231.
network
low complexity
CWE-434
8.8
2023-09-20 CVE-2023-42331 Unrestricted Upload of File with Dangerous Type vulnerability in Elitecms Elite CMS 1.01
A file upload vulnerability in EliteCMS 1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
network
low complexity
elitecms CWE-434
8.8
2023-09-20 CVE-2023-42335 Unrestricted Upload of File with Dangerous Type vulnerability in Fl3Xx Crew and Dispatch
Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component.
network
low complexity
fl3xx CWE-434
8.8
2023-09-20 CVE-2023-43497 Unrestricted Upload of File with Dangerous Type vulnerability in Jenkins
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using the Stapler web framework creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.
network
low complexity
jenkins CWE-434
8.1
2023-09-20 CVE-2023-43478 Unrestricted Upload of File with Dangerous Type vulnerability in Telstra Arcadyan Lh1000 Firmware
fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root. 
network
low complexity
telstra CWE-434
critical
9.8
2023-09-20 CVE-2023-38887 Unrestricted Upload of File with Dangerous Type vulnerability in Dolibarr Erp/Crm
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.
network
low complexity
dolibarr CWE-434
8.8