Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-25210 Unrestricted Upload of File with Dangerous Type vulnerability in Alumni Management System Project Alumni Management System 1.0
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php.
network
low complexity
alumni-management-system-project CWE-434
critical
9.8
2021-07-15 CVE-2021-29699 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote privileged user to upload arbitrary files with a dangerous file type that could be executed by a user.
network
low complexity
ibm CWE-434
6.8
2021-07-13 CVE-2021-36121 Unrestricted Upload of File with Dangerous Type vulnerability in Echobh Sharecare 8.15.5
An issue was discovered in Echo ShareCare 8.15.5.
network
low complexity
echobh CWE-434
8.8
2021-07-09 CVE-2021-30118 Unrestricted Upload of File with Dangerous Type vulnerability in Kaseya VSA
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute ASP commands. The API /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leading to RCE.
network
low complexity
kaseya CWE-434
critical
9.8
2021-07-07 CVE-2021-28931 Unrestricted Upload of File with Dangerous Type vulnerability in Fork-Cms Fork CMS 5.9.2
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
network
low complexity
fork-cms CWE-434
8.8
2021-07-07 CVE-2021-34623 Unrestricted Upload of File with Dangerous Type vulnerability in Properfraction Profilepress
A vulnerability in the image uploader component found in the ~/src/Classes/ImageUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates.
network
low complexity
properfraction CWE-434
critical
9.8
2021-07-07 CVE-2021-34624 Unrestricted Upload of File with Dangerous Type vulnerability in Properfraction Profilepress
A vulnerability in the file uploader component found in the ~/src/Classes/FileUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates.
network
low complexity
properfraction CWE-434
critical
9.8
2021-07-06 CVE-2020-22249 Unrestricted Upload of File with Dangerous Type vulnerability in PHPlist 3.5.1
Remote Code Execution vulnerability in phplist 3.5.1.
network
low complexity
phplist CWE-434
critical
9.8
2021-06-29 CVE-2021-20104 Unrestricted Upload of File with Dangerous Type vulnerability in Machform
Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php.
network
high complexity
machform CWE-434
8.1
2021-06-25 CVE-2021-34427 Unrestricted Upload of File with Dangerous Type vulnerability in Eclipse Business Intelligence and Reporting Tools
In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.
network
low complexity
eclipse CWE-434
critical
9.8