Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-20 | CVE-2024-9038 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Shopping Portal 1.0 A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. | 9.8 |
| 2024-09-19 | CVE-2024-40125 | Unrestricted Upload of File with Dangerous Type vulnerability in Closed-Loop Cless Server 4.5.2 An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. | 9.8 |
| 2024-09-17 | CVE-2024-45398 | Unrestricted Upload of File with Dangerous Type vulnerability in Contao Contao is an Open Source CMS. | 8.8 |
| 2024-09-13 | CVE-2024-8242 | Unrestricted Upload of File with Dangerous Type vulnerability in Inspireui Mstore API The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_user_profile() function in all versions up to, and including, 4.15.3. | 8.8 |
| 2024-09-11 | CVE-2024-27115 | Unrestricted Upload of File with Dangerous Type vulnerability in Soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. | 9.8 |
| 2024-09-10 | CVE-2024-44871 | Unrestricted Upload of File with Dangerous Type vulnerability in Mozilo Mozilocms 3.0 An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file. | 7.2 |
| 2024-09-10 | CVE-2024-7770 | Unrestricted Upload of File with Dangerous Type vulnerability in Bitapps File Manager The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. | 8.8 |
| 2024-09-07 | CVE-2024-7620 | The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. | 6.6 |
| 2024-09-05 | CVE-2024-8463 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0 File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell. | 8.8 |
| 2024-09-04 | CVE-2024-45076 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Webmethods Integration 10.15 IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system. | 9.9 |