Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-16 | CVE-2023-1433 | Unrestricted Upload of File with Dangerous Type vulnerability in Gadget Works Online Ordering System Project Gadget Works Online Ordering System 1.0 A vulnerability was found in SourceCodester Gadget Works Online Ordering System 1.0. | 7.2 |
| 2023-03-15 | CVE-2023-28337 | Unrestricted Upload of File with Dangerous Type vulnerability in Netgear Rax30 Firmware When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. | 8.8 |
| 2023-03-15 | CVE-2023-1415 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple ART Gallery Project Simple ART Gallery 1.0 A vulnerability was found in Simple Art Gallery 1.0. | 8.8 |
| 2023-03-15 | CVE-2023-27235 | Unrestricted Upload of File with Dangerous Type vulnerability in Jizhicms 2.4.5 An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file. | 7.2 |
| 2023-03-15 | CVE-2023-27757 | Unrestricted Upload of File with Dangerous Type vulnerability in Perfree Perfreeblog 3.1.1 An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file. | 9.8 |
| 2023-03-14 | CVE-2023-26262 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitecore Experience Manager and Experience Platform An issue was discovered in Sitecore XP/XM 10.3. | 8.8 |
| 2023-03-14 | CVE-2023-1391 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. | 9.8 |
| 2023-03-14 | CVE-2023-1392 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Pizza Ordering System Project Online Pizza Ordering System 1.0 A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. | 9.8 |
| 2023-03-13 | CVE-2023-0477 | Unrestricted Upload of File with Dangerous Type vulnerability in Cm-Wp Auto Featured Image The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. | 8.8 |
| 2023-03-10 | CVE-2023-23328 | Unrestricted Upload of File with Dangerous Type vulnerability in Avantfax 3.3.7 A File Upload vulnerability exists in AvantFAX 3.3.7. | 8.8 |