Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-34685 | Unrestricted Upload of File with Dangerous Type vulnerability in Hitachi Vantara Pentaho UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. | 7.2 |
| 2021-11-05 | CVE-2021-42669 | Unrestricted Upload of File with Dangerous Type vulnerability in Engineers Online Portal Project Engineers Online Portal A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. | 9.8 |
| 2021-11-03 | CVE-2020-18261 | Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 1.0 An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands. | 9.8 |
| 2021-11-01 | CVE-2021-26740 | Unrestricted Upload of File with Dangerous Type vulnerability in Doyocms Project Doyocms 2.3 Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code. | 9.8 |
| 2021-11-01 | CVE-2021-38847 | Unrestricted Upload of File with Dangerous Type vulnerability in S-Cart S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. | 8.8 |
| 2021-10-29 | CVE-2021-41646 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Reviewer System Project Online Reviewer System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. | 9.8 |
| 2021-10-29 | CVE-2021-41643 | Unrestricted Upload of File with Dangerous Type vulnerability in Church Management System Project Church Management System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. | 9.8 |
| 2021-10-29 | CVE-2021-41644 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0 Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters. | 9.8 |
| 2021-10-29 | CVE-2021-41645 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Budget and Expense Tracker System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. | 8.8 |
| 2021-10-29 | CVE-2021-41675 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Negosyo System Project E-Negosyo System 1.0 A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. | 7.2 |