Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2021-32089 | Unrestricted Upload of File with Dangerous Type vulnerability in Zebra Fx9500 Firmware An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. | 9.8 |
| 2021-05-11 | CVE-2021-27618 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Process Integration The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. | 4.9 |
| 2021-05-10 | CVE-2021-29022 | Unrestricted Upload of File with Dangerous Type vulnerability in Invoiceplane 1.5.11 In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory. | 5.3 |
| 2021-05-07 | CVE-2021-32094 | Unrestricted Upload of File with Dangerous Type vulnerability in NSA Emissary 5.9.0 U.S. | 8.8 |
| 2021-05-06 | CVE-2021-31737 | Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 5.3.1/6.0.0 emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php. | 9.8 |
| 2021-05-06 | CVE-2020-19113 | Unrestricted Upload of File with Dangerous Type vulnerability in Projectworlds Online Book Store Project in PHP 1.0 Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution. | 9.8 |
| 2021-05-06 | CVE-2021-24252 | Unrestricted Upload of File with Dangerous Type vulnerability in Wp-Eventmanager Event Banner The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. | 7.2 |
| 2021-05-03 | CVE-2020-23083 | Unrestricted Upload of File with Dangerous Type vulnerability in Guojusoft Jeecg Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?commonUpload". | 9.8 |
| 2021-04-29 | CVE-2020-21452 | Unrestricted Upload of File with Dangerous Type vulnerability in Uniview Isc2500-S Firmware An issue was discovered in uniview ISC2500-S. | 9.8 |
| 2021-04-22 | CVE-2021-24240 | Unrestricted Upload of File with Dangerous Type vulnerability in Aivahthemes Business Hours PRO 5.5.0 The Business Hours Pro WordPress plugin through 5.5.0 allows a remote attacker to upload arbitrary files using its manual update functionality, leading to an unauthenticated remote code execution vulnerability. | 9.8 |