Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-08-12 CVE-2020-20979 Unrestricted Upload of File with Dangerous Type vulnerability in 8Cms Ljcms 4.3.
An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code.
network
low complexity
8cms CWE-434
critical
9.8
2021-08-12 CVE-2020-28165 Unrestricted Upload of File with Dangerous Type vulnerability in Easycorp Zentao
The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability.
network
low complexity
easycorp CWE-434
critical
9.8
2021-08-11 CVE-2020-21359 Unrestricted Upload of File with Dangerous Type vulnerability in Maccms 10.0
An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers to bypass the suffix whitelist verification and execute arbitrary code by adding a character to the end of the uploaded file's name.
network
low complexity
maccms CWE-434
critical
9.8
2021-08-11 CVE-2020-21976 Unrestricted Upload of File with Dangerous Type vulnerability in Newsone CMS Project Newsone CMS 1.1.0
An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to upload a webshell and execute arbitrary commands.
network
low complexity
newsone-cms-project CWE-434
8.8
2021-08-09 CVE-2021-38305 Unrestricted Upload of File with Dangerous Type vulnerability in 23Andme Yamale
23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file.
local
low complexity
23andme CWE-434
7.8
2021-08-06 CVE-2020-28088 Unrestricted Upload of File with Dangerous Type vulnerability in Jeecg Boot 2.3
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
network
low complexity
jeecg CWE-434
critical
9.8
2021-08-05 CVE-2021-34639 Unrestricted Upload of File with Dangerous Type vulnerability in Wpdownloadmanager Wordpress Download Manager
Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g.
network
low complexity
wpdownloadmanager CWE-434
8.8
2021-08-04 CVE-2021-32594 Unrestricted Upload of File with Dangerous Type vulnerability in Fortinet Fortiportal
An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files.
network
low complexity
fortinet CWE-434
8.1
2021-08-03 CVE-2020-19302 Unrestricted Upload of File with Dangerous Type vulnerability in Vaethink 1.0.1
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php".
network
low complexity
vaethink CWE-434
critical
9.8
2021-08-03 CVE-2020-19303 Unrestricted Upload of File with Dangerous Type vulnerability in Houdunren Hdcms 5.7
An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file.
local
low complexity
houdunren CWE-434
7.8