Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2020-20691 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra CMS 3.0.4 An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files. | 6.5 |
| 2021-09-27 | CVE-2021-37761 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution. | 9.8 |
| 2021-09-27 | CVE-2021-37539 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. | 9.8 |
| 2021-09-23 | CVE-2021-26794 | Unrestricted Upload of File with Dangerous Type vulnerability in Frogcms Project Frogcms 0.9.5 Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. | 9.8 |
| 2021-09-21 | CVE-2021-37741 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. | 8.8 |
| 2021-09-15 | CVE-2020-21322 | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2021-09-15 | CVE-2020-21481 | Unrestricted Upload of File with Dangerous Type vulnerability in Rgcms Project Rgcms 1.06 An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | 7.2 |
| 2021-09-15 | CVE-2020-21483 | Unrestricted Upload of File with Dangerous Type vulnerability in Jizhicms 1.5 An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file. | 7.2 |
| 2021-09-15 | CVE-2021-33698 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business ONE 10.0 SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation. | 8.8 |
| 2021-09-15 | CVE-2021-40845 | Unrestricted Upload of File with Dangerous Type vulnerability in Zenitel Alphacom XE Audio Server The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. | 8.8 |