Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-09 | CVE-2024-45136 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Incopy InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. | 7.8 |
| 2024-10-09 | CVE-2024-45137 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Indesign InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. | 7.8 |
| 2024-10-09 | CVE-2024-47423 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Framemaker Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. | 7.8 |
| 2024-10-08 | CVE-2024-37179 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Businessobjects Business Intelligence 2025/420/430 SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application. | 6.5 |
| 2024-10-05 | CVE-2024-9417 | Unrestricted Upload of File with Dangerous Type vulnerability in Hashthemes Hash Form The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file uploads due to a misconfigured file type validation in the 'handleUpload' function in all versions up to, and including, 1.1.9. | 6.1 |
| 2024-10-05 | CVE-2024-8743 | The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. | 6.8 |
| 2024-10-04 | CVE-2024-37868 | Unrestricted Upload of File with Dangerous Type vulnerability in Emiloimagtolis Online Discussion Forum 1.0 File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable. | 8.8 |
| 2024-10-04 | CVE-2024-37869 | Unrestricted Upload of File with Dangerous Type vulnerability in Emiloimagtolis Online Discussion Forum 1.0 File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable | 8.8 |
| 2024-10-04 | CVE-2024-47655 | Unrestricted Upload of File with Dangerous Type vulnerability in Shilpisoft Client Dashboard This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files being uploaded other than the specified extension. | 8.8 |
| 2024-10-01 | CVE-2024-9108 | The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convert_remoteimage_to_local' function in versions up to, and including, 1.3.0. | 9.8 |