Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-06-07 CVE-2021-3277 Unrestricted Upload of File with Dangerous Type vulnerability in Nagios XI
Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files.
network
low complexity
nagios CWE-434
7.2
2021-06-04 CVE-2020-36141 Unrestricted Upload of File with Dangerous Type vulnerability in Bloofox Bloofoxcms 0.5.2.1
BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.
network
low complexity
bloofox CWE-434
8.8
2021-06-03 CVE-2021-32661 Unrestricted Upload of File with Dangerous Type vulnerability in Linuxfoundation @Backstage/Plugin-Techdocs
Backstage is an open platform for building developer portals.
network
low complexity
linuxfoundation CWE-434
7.3
2021-06-03 CVE-2021-32660 Unrestricted Upload of File with Dangerous Type vulnerability in Linuxfoundation @Backstage/Techdocs-Common
Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs.
network
low complexity
linuxfoundation CWE-434
8.1
2021-06-03 CVE-2020-21005 Unrestricted Upload of File with Dangerous Type vulnerability in Wellcms 2.0
WellCMS 2.0 beta3 is vulnerable to File Upload.
network
low complexity
wellcms CWE-434
6.5
2021-06-02 CVE-2020-35442 Unrestricted Upload of File with Dangerous Type vulnerability in Fangfa Fdcms 4.0
FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php.
network
low complexity
fangfa CWE-434
critical
9.8
2021-05-29 CVE-2021-31703 Unrestricted Upload of File with Dangerous Type vulnerability in Frontiersoftware Ichris 5.18
Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user.
network
low complexity
frontiersoftware CWE-434
critical
9.8
2021-05-26 CVE-2020-26678 Unrestricted Upload of File with Dangerous Type vulnerability in Vfairs 3.3
vFairs 3.3 is affected by Remote Code Execution.
network
low complexity
vfairs CWE-434
8.8
2021-05-21 CVE-2020-23765 Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.12.0
A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0.
network
low complexity
bludit CWE-434
7.2
2021-05-20 CVE-2021-20721 Unrestricted Upload of File with Dangerous Type vulnerability in Kujirahand Konawiki
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors.
network
low complexity
kujirahand CWE-434
critical
9.8