Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-22 | CVE-2020-36485 | Unrestricted Upload of File with Dangerous Type vulnerability in Madeportable Playable 9.18 Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. | 4.6 |
2021-10-22 | CVE-2021-42840 | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. | 9.0 |
2021-10-22 | CVE-2021-38471 | Unrestricted Upload of File with Dangerous Type vulnerability in Auvesy Versiondog There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files. | 6.4 |
2021-10-22 | CVE-2021-41745 | Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc 2.8.3 ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions. | 7.5 |
2021-10-21 | CVE-2021-39352 | Unrestricted Upload of File with Dangerous Type vulnerability in Catchplugins Catch Themes Demo Import The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. | 6.5 |
2021-10-19 | CVE-2021-38484 | Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870 InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. | 9.0 |
2021-10-19 | CVE-2021-3846 | Unrestricted Upload of File with Dangerous Type vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type | 6.5 |
2021-10-14 | CVE-2021-38346 | Unrestricted Upload of File with Dangerous Type vulnerability in Brizy Brizy-Page Builder The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. | 6.5 |
2021-10-14 | CVE-2021-42342 | Unrestricted Upload of File with Dangerous Type vulnerability in Embedthis Goahead An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. | 7.5 |
2021-10-13 | CVE-2021-20130 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. | 6.5 |