Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-10-11 CVE-2021-40188 Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110
PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability.
network
low complexity
php-fusion CWE-434
7.2
7.2
2021-10-11 CVE-2021-40189 Unrestricted Upload of File with Dangerous Type vulnerability in PHP-Fusion PHPfusion 9.03.110
PHPFusion 9.03.110 is affected by a remote code execution vulnerability.
network
low complexity
php-fusion CWE-434
7.2
7.2
2021-10-11 CVE-2021-39317 Unrestricted Upload of File with Dangerous Type vulnerability in Accesspressthemes products
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products.
network
low complexity
accesspressthemes CWE-434
8.8
8.8
2021-10-08 CVE-2021-41566 Unrestricted Upload of File with Dangerous Type vulnerability in Tadtools Project Tadtools
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.
network
low complexity
tadtools-project CWE-434
critical
 9.8
9.8
2021-10-08 CVE-2021-41919 Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions.
network
low complexity
webtareas-project CWE-434
8.8
8.8
2021-10-07 CVE-2021-37762 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.
network
low complexity
zohocorp CWE-434
critical
 9.8
9.8
2021-10-07 CVE-2021-37918 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
critical
 9.8
9.8
2021-10-07 CVE-2021-37919 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
critical
 9.8
9.8
2021-10-07 CVE-2021-37920 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
critical
 9.8
9.8
2021-10-07 CVE-2021-37921 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
critical
 9.8
9.8