Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-13 | CVE-2021-20130 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. | 6.5 |
| 2021-10-13 | CVE-2021-20131 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. | 6.5 |
| 2021-10-13 | CVE-2021-20125 | Unrestricted Upload of File with Dangerous Type vulnerability in Draytek Vigorconnect 1.6.0 An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. | 10.0 |
| 2021-10-11 | CVE-2021-40188 | Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110 PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. | 6.5 |
| 2021-10-11 | CVE-2021-40189 | Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110 PHPFusion 9.03.110 is affected by a remote code execution vulnerability. | 6.5 |
| 2021-10-11 | CVE-2021-39317 | Unrestricted Upload of File with Dangerous Type vulnerability in Accesspressthemes products A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. | 8.8 |
| 2021-10-08 | CVE-2021-41566 | Unrestricted Upload of File with Dangerous Type vulnerability in Tadtools Project Tadtools The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in. | 7.5 |
| 2021-10-08 | CVE-2021-41919 | Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas 2.0/2.1 webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. | 6.5 |
| 2021-10-07 | CVE-2021-20584 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Sterling B2B Integrator IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. | 5.0 |
| 2021-10-07 | CVE-2021-37762 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution. | 7.5 |