Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-08-06 CVE-2020-28088 Unrestricted Upload of File with Dangerous Type vulnerability in Jeecg Boot 2.3
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
network
low complexity
jeecg CWE-434
critical
9.8
2021-08-05 CVE-2021-34639 Unrestricted Upload of File with Dangerous Type vulnerability in Wpdownloadmanager Wordpress Download Manager
Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g.
network
low complexity
wpdownloadmanager CWE-434
8.8
2021-08-04 CVE-2021-32594 Unrestricted Upload of File with Dangerous Type vulnerability in Fortinet Fortiportal
An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files.
network
low complexity
fortinet CWE-434
8.1
2021-08-03 CVE-2020-19302 Unrestricted Upload of File with Dangerous Type vulnerability in Vaethink 1.0.1
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php".
network
low complexity
vaethink CWE-434
critical
9.8
2021-08-03 CVE-2020-19303 Unrestricted Upload of File with Dangerous Type vulnerability in Houdunren Hdcms 5.7
An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file.
local
low complexity
houdunren CWE-434
7.8
2021-08-03 CVE-2021-36622 Unrestricted Upload of File with Dangerous Type vulnerability in Online Covid Vaccination Scheduler System Project Online Covid Vaccination Scheduler System 1.0
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is vulnerable to Arbitrary File Upload.
9.8
2021-08-03 CVE-2021-36623 Unrestricted Upload of File with Dangerous Type vulnerability in Phone Shop Sales Management System Project Phone Shop Sales Management System 1.0
Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.
network
low complexity
phone-shop-sales-management-system-project CWE-434
critical
9.8
2021-07-30 CVE-2021-25200 Unrestricted Upload of File with Dangerous Type vulnerability in Learning Management System Project Learning Management System 1.0
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.
network
low complexity
learning-management-system-project CWE-434
critical
9.8
2021-07-29 CVE-2021-36741 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro products
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations.
network
low complexity
trendmicro CWE-434
8.8
2021-07-25 CVE-2021-37444 Unrestricted Upload of File with Dangerous Type vulnerability in Nchsoftware IVM Attendant 5.12
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive.
network
low complexity
nchsoftware CWE-434
8.8