Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2020-19267 | Unrestricted Upload of File with Dangerous Type vulnerability in Dswjcms Project Dswjcms 1.6.4 An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 9.8 |
| 2021-09-08 | CVE-2020-19138 | Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java". | 9.8 |
| 2021-09-08 | CVE-2021-36440 | Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc 2.9.5 Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'. | 9.8 |
| 2021-09-07 | CVE-2021-38841 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple Water Refilling Station Management System Project Simple Water Refilling Station Management System 1.0 Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action. | 8.8 |
| 2021-09-06 | CVE-2021-40531 | Unrestricted Upload of File with Dangerous Type vulnerability in Sketch Sketch before 75 allows library feeds to be used to bypass file quarantine. | 9.8 |
| 2021-09-05 | CVE-2021-40524 | Unrestricted Upload of File with Dangerous Type vulnerability in Pureftpd Pure-Ftpd In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. | 7.5 |
| 2021-09-01 | CVE-2021-36040 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
| 2021-09-01 | CVE-2021-36042 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. | 7.2 |
| 2021-08-31 | CVE-2021-29907 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Openpages With Watson IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. | 8.8 |
| 2021-08-31 | CVE-2021-36356 | Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav Viaware 2.5.0719.1034 KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). | 9.8 |