Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-28 | CVE-2021-36547 | Unrestricted Upload of File with Dangerous Type vulnerability in Mara CMS Project Mara CMS 7.5 A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file. | 9.8 |
| 2021-10-28 | CVE-2021-36548 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. | 9.8 |
| 2021-10-27 | CVE-2021-37221 | Unrestricted Upload of File with Dangerous Type vulnerability in Customer Relationship Management System Project Customer Relationship Management System 1.0 A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & customer create option, which could let a remote malicious user upload an arbitrary php file. | 8.8 |
| 2021-10-26 | CVE-2021-37372 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Student Admission System Project Online Student Admission System 1.0 Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. | 8.8 |
| 2021-10-26 | CVE-2021-40344 | Unrestricted Upload of File with Dangerous Type vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 7.2 |
| 2021-10-22 | CVE-2020-23043 | Unrestricted Upload of File with Dangerous Type vulnerability in AIR Sender Project AIR Sender 1.0.2 Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. | 8.8 |
| 2021-10-22 | CVE-2020-36485 | Unrestricted Upload of File with Dangerous Type vulnerability in Madeportable Playable 9.18 Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. | 7.8 |
| 2021-10-22 | CVE-2021-42840 | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. | 8.8 |
| 2021-10-22 | CVE-2021-41745 | Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc 2.8.3 ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions. | 9.8 |
| 2021-10-19 | CVE-2021-38484 | Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. | 7.2 |