Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2020-18704 | Unrestricted Upload of File with Dangerous Type vulnerability in Fusionbox Widgy 0.8.4 Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote attackers to execute arbitrary code via the 'image' widget in the component 'Change Widgy Page'. | 9.8 |
| 2021-08-16 | CVE-2021-38753 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple Image Gallery web APP Project Simple Image Gallery web APP An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app. | 9.8 |
| 2021-08-12 | CVE-2021-29377 | Unrestricted Upload of File with Dangerous Type vulnerability in Pearadmin Think 2.0.0/2.1.0/2.1.2 Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely. | 9.8 |
| 2021-08-12 | CVE-2021-38366 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitecore Sitecore through 10.1, when Update Center is enabled, allows remote authenticated users to upload arbitrary files and achieve remote code execution by visiting an uploaded .aspx file at an admin/Packages URL. | 8.8 |
| 2021-08-12 | CVE-2020-18462 | Unrestricted Upload of File with Dangerous Type vulnerability in Aikcms 2.0 File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because the background file management office does not verify the uploaded file. | 7.2 |
| 2021-08-12 | CVE-2020-20979 | Unrestricted Upload of File with Dangerous Type vulnerability in 8Cms Ljcms 4.3. An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code. | 9.8 |
| 2021-08-12 | CVE-2020-28165 | Unrestricted Upload of File with Dangerous Type vulnerability in Easycorp Zentao The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. | 9.8 |
| 2021-08-11 | CVE-2020-21359 | Unrestricted Upload of File with Dangerous Type vulnerability in Maccms 10.0 An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name. | 9.8 |
| 2021-08-11 | CVE-2020-21976 | Unrestricted Upload of File with Dangerous Type vulnerability in Newsone CMS Project Newsone CMS 1.1.0 An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands. | 8.8 |
| 2021-08-09 | CVE-2021-38305 | Unrestricted Upload of File with Dangerous Type vulnerability in 23Andme Yamale 23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. | 7.8 |