Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-29 | CVE-2021-41675 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Negosyo System Project E-Negosyo System 1.0 A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. | 6.5 |
2021-10-28 | CVE-2021-36547 | Unrestricted Upload of File with Dangerous Type vulnerability in Mara CMS Project Mara CMS 7.5 A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file. | 7.5 |
2021-10-28 | CVE-2021-36548 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. | 7.5 |
2021-10-28 | CVE-2021-3745 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore Flatcore-Cms flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type | 6.0 |
2021-10-27 | CVE-2021-3906 | Unrestricted Upload of File with Dangerous Type vulnerability in Bookstackapp Bookstack bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type | 4.0 |
2021-10-27 | CVE-2021-37221 | Unrestricted Upload of File with Dangerous Type vulnerability in Customer Relationship Management System Project Customer Relationship Management System 1.0 A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & customer create option, which could let a remote malicious user upload an arbitrary php file. | 6.5 |
2021-10-26 | CVE-2021-37372 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Student Admission System Project Online Student Admission System 1.0 Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. | 6.5 |
2021-10-26 | CVE-2021-40344 | Unrestricted Upload of File with Dangerous Type vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 6.5 |
2021-10-25 | CVE-2021-39221 | Unrestricted Upload of File with Dangerous Type vulnerability in Nextcloud Contacts Nextcloud is an open-source, self-hosted productivity platform. | 3.5 |
2021-10-22 | CVE-2020-23043 | Unrestricted Upload of File with Dangerous Type vulnerability in AIR Sender Project AIR Sender 1.0.2 Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. | 6.5 |