Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2020-21322 | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2021-09-15 | CVE-2020-21481 | Unrestricted Upload of File with Dangerous Type vulnerability in Rgcms Project Rgcms 1.06 An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | 7.2 |
| 2021-09-15 | CVE-2020-21483 | Unrestricted Upload of File with Dangerous Type vulnerability in Jizhicms 1.5 An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file. | 7.2 |
| 2021-09-15 | CVE-2021-33698 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business ONE 10.0 SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation. | 8.8 |
| 2021-09-15 | CVE-2021-40845 | Unrestricted Upload of File with Dangerous Type vulnerability in Zenitel Alphacom XE Audio Server The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. | 8.8 |
| 2021-09-14 | CVE-2021-36581 | Unrestricted Upload of File with Dangerous Type vulnerability in Kooboo CMS 2.1.1.0 Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. | 9.8 |
| 2021-09-14 | CVE-2021-36582 | Unrestricted Upload of File with Dangerous Type vulnerability in Kooboo CMS 2.1.1.0 In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. | 9.8 |
| 2021-09-13 | CVE-2020-20670 | Unrestricted Upload of File with Dangerous Type vulnerability in Zkea Zkeacms 3.2.0 An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file. | 8.8 |
| 2021-09-13 | CVE-2020-20672 | Unrestricted Upload of File with Dangerous Type vulnerability in Kitesky Kitecms 1.1 An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file. | 7.8 |
| 2021-09-13 | CVE-2021-24620 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple-E-Commerce-Shopping-Cart Project Simple-E-Commerce-Shopping-Cart The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. | 8.8 |