Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2020-19113 Unrestricted Upload of File with Dangerous Type vulnerability in Projectworlds Online Book Store Project in PHP 1.0
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.
network
low complexity
projectworlds CWE-434
critical
9.8
2021-05-06 CVE-2021-24252 Unrestricted Upload of File with Dangerous Type vulnerability in Wp-Eventmanager Event Banner
The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or other executable files, leading to RCE.
network
low complexity
wp-eventmanager CWE-434
7.2
2021-05-03 CVE-2020-23083 Unrestricted Upload of File with Dangerous Type vulnerability in Guojusoft Jeecg
Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?commonUpload".
network
low complexity
guojusoft CWE-434
critical
9.8
2021-04-29 CVE-2020-21452 Unrestricted Upload of File with Dangerous Type vulnerability in Uniview Isc2500-S Firmware
An issue was discovered in uniview ISC2500-S.
network
low complexity
uniview CWE-434
critical
9.8
2021-04-22 CVE-2021-24240 Unrestricted Upload of File with Dangerous Type vulnerability in Aivahthemes Business Hours PRO 5.5.0
The Business Hours Pro WordPress plugin through 5.5.0 allows a remote attacker to upload arbitrary files using its manual update functionality, leading to an unauthenticated remote code execution vulnerability.
network
low complexity
aivahthemes CWE-434
critical
9.8
2021-04-15 CVE-2021-30209 Unrestricted Upload of File with Dangerous Type vulnerability in Textpattern 4.8.4
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
network
low complexity
textpattern CWE-434
6.5
2021-04-14 CVE-2020-29592 Unrestricted Upload of File with Dangerous Type vulnerability in Orchardproject Orchard
An issue was discovered in Orchard before 1.10.
network
low complexity
orchardproject CWE-434
critical
9.8
2021-04-13 CVE-2021-23280 Unrestricted Upload of File with Dangerous Type vulnerability in Eaton products
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload.
network
low complexity
eaton CWE-434
critical
9.9
2021-04-09 CVE-2021-20022 Unrestricted Upload of File with Dangerous Type vulnerability in Sonicwall Email Security and Hosted Email Security
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
network
low complexity
sonicwall CWE-434
7.2
2021-04-07 CVE-2021-29641 Unrestricted Upload of File with Dangerous Type vulnerability in Rangerstudio Directus
Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory.
network
low complexity
rangerstudio CWE-434
8.8