Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-05 | CVE-2021-40524 | Unrestricted Upload of File with Dangerous Type vulnerability in Pureftpd Pure-Ftpd In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. | 7.5 |
| 2021-09-01 | CVE-2021-36040 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
| 2021-09-01 | CVE-2021-36042 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. | 7.2 |
| 2021-08-31 | CVE-2021-29907 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Openpages With Watson IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. | 8.8 |
| 2021-08-31 | CVE-2021-36356 | Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav Viaware 2.5.0719.1034 KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). | 9.8 |
| 2021-08-29 | CVE-2021-40175 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution. | 9.8 |
| 2021-08-27 | CVE-2020-18114 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7 An arbitrary file upload vulnerability in the /uploads/dede component of DedeCMS V5.7SP2 allows attackers to upload a webshell in HTM format. | 9.8 |
| 2021-08-25 | CVE-2021-33884 | Unrestricted Upload of File with Dangerous Type vulnerability in Bbraun Spacecom2 An Unrestricted Upload of File with Dangerous Type vulnerability in B. | 9.1 |
| 2021-08-24 | CVE-2021-38613 | Unrestricted Upload of File with Dangerous Type vulnerability in Nascent Remkon Device Manager 4.0.0.0 The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution. | 9.8 |
| 2021-08-23 | CVE-2021-39608 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore Flatcore-Cms 2.0.7 Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code. | 7.2 |