Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-41646 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Reviewer System Project Online Reviewer System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. | 9.8 |
| 2021-10-29 | CVE-2021-41643 | Unrestricted Upload of File with Dangerous Type vulnerability in Church Management System Project Church Management System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. | 9.8 |
| 2021-10-29 | CVE-2021-41644 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0 Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters. | 9.8 |
| 2021-10-29 | CVE-2021-41645 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Budget and Expense Tracker System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. | 8.8 |
| 2021-10-29 | CVE-2021-41675 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Negosyo System Project E-Negosyo System 1.0 A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. | 7.2 |
| 2021-10-28 | CVE-2021-36547 | Unrestricted Upload of File with Dangerous Type vulnerability in Mara CMS Project Mara CMS 7.5 A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file. | 9.8 |
| 2021-10-28 | CVE-2021-36548 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. | 9.8 |
| 2021-10-27 | CVE-2021-37221 | Unrestricted Upload of File with Dangerous Type vulnerability in Customer Relationship Management System Project Customer Relationship Management System 1.0 A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & customer create option, which could let a remote malicious user upload an arbitrary php file. | 8.8 |
| 2021-10-26 | CVE-2021-37372 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Student Admission System Project Online Student Admission System 1.0 Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. | 8.8 |
| 2021-10-26 | CVE-2021-40344 | Unrestricted Upload of File with Dangerous Type vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 7.2 |