Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-15 | CVE-2021-30209 | Unrestricted Upload of File with Dangerous Type vulnerability in Textpattern 4.8.4 Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions. | 6.5 |
| 2021-04-14 | CVE-2020-29592 | Unrestricted Upload of File with Dangerous Type vulnerability in Orchardproject Orchard An issue was discovered in Orchard before 1.10. | 9.8 |
| 2021-04-13 | CVE-2021-23280 | Unrestricted Upload of File with Dangerous Type vulnerability in Eaton products Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. | 9.9 |
| 2021-04-09 | CVE-2021-20022 | Unrestricted Upload of File with Dangerous Type vulnerability in Sonicwall Email Security and Hosted Email Security SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. | 7.2 |
| 2021-04-07 | CVE-2021-29641 | Unrestricted Upload of File with Dangerous Type vulnerability in Rangerstudio Directus Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory. | 8.8 |
| 2021-04-06 | CVE-2021-28173 | Unrestricted Upload of File with Dangerous Type vulnerability in Deltaflow Project Deltaflow The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. | 9.8 |
| 2021-04-06 | CVE-2021-30149 | Unrestricted Upload of File with Dangerous Type vulnerability in Ocproducts Composr 10.0.36 Composr 10.0.36 allows upload and execution of PHP files. | 9.8 |
| 2021-04-05 | CVE-2021-24212 | Unrestricted Upload of File with Dangerous Type vulnerability in Woocommerce Help Scout The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp. | 9.8 |
| 2021-04-05 | CVE-2021-24171 | Unrestricted Upload of File with Dangerous Type vulnerability in Vanquish Woocommerce Upload Files The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to remove blocked extensions such as .php. | 9.8 |
| 2021-04-05 | CVE-2021-24160 | Unrestricted Upload of File with Dangerous Type vulnerability in Expresstech Responsive Menu In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. | 8.8 |