Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-3846 | Unrestricted Upload of File with Dangerous Type vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type | 8.8 |
| 2021-10-14 | CVE-2021-42342 | Unrestricted Upload of File with Dangerous Type vulnerability in Embedthis Goahead An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. | 9.8 |
| 2021-10-13 | CVE-2021-20130 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. | 8.8 |
| 2021-10-13 | CVE-2021-20131 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. | 8.8 |
| 2021-10-13 | CVE-2021-20125 | Unrestricted Upload of File with Dangerous Type vulnerability in Draytek Vigorconnect 1.6.0 An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. | 9.8 |
| 2021-10-11 | CVE-2021-40188 | Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110 PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. | 7.2 |
| 2021-10-11 | CVE-2021-40189 | Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110 PHPFusion 9.03.110 is affected by a remote code execution vulnerability. | 7.2 |
| 2021-10-11 | CVE-2021-39317 | Unrestricted Upload of File with Dangerous Type vulnerability in Accesspressthemes products A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. | 8.8 |
| 2021-10-08 | CVE-2021-41566 | Unrestricted Upload of File with Dangerous Type vulnerability in Tadtools Project Tadtools The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in. | 9.8 |
| 2021-10-08 | CVE-2021-41919 | Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. | 8.8 |