Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-25 | CVE-2021-34074 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. | 9.8 |
| 2021-06-24 | CVE-2020-21786 | Unrestricted Upload of File with Dangerous Type vulnerability in Ibos 4.5.4 In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. | 9.8 |
| 2021-06-24 | CVE-2020-21787 | Unrestricted Upload of File with Dangerous Type vulnerability in Crmeb 3.1.0+ CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php. | 9.8 |
| 2021-06-23 | CVE-2021-28976 | Unrestricted Upload of File with Dangerous Type vulnerability in Get-Simple Getsimplecms Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess. | 7.2 |
| 2021-06-21 | CVE-2020-19510 | Unrestricted Upload of File with Dangerous Type vulnerability in Textpattern 4.7.3 Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. | 9.8 |
| 2021-06-17 | CVE-2020-36388 | Unrestricted Upload of File with Dangerous Type vulnerability in Civicrm In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive. | 8.8 |
| 2021-06-17 | CVE-2013-20002 | Unrestricted Upload of File with Dangerous Type vulnerability in Themify Framework Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file. | 9.8 |
| 2021-06-16 | CVE-2021-32243 | Unrestricted Upload of File with Dangerous Type vulnerability in Fogproject 1.5.9 FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated). | 8.8 |
| 2021-06-16 | CVE-2021-34551 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | 8.1 |
| 2021-06-16 | CVE-2020-35760 | Unrestricted Upload of File with Dangerous Type vulnerability in Bloofox Bloofoxcms 0.5.2.1 bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). | 9.8 |