Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-26809 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 2.0 PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | 9.8 |
| 2021-02-17 | CVE-2021-25780 | Unrestricted Upload of File with Dangerous Type vulnerability in Baby Care System Project Baby Care System 1.0 An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. | 7.2 |
| 2021-02-17 | CVE-2021-22858 | Unrestricted Upload of File with Dangerous Type vulnerability in Changjia Property Management System Project Changjia Property Management System 1.00 Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions. | 8.8 |
| 2021-02-15 | CVE-2020-4955 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. | 8.0 |
| 2021-02-10 | CVE-2020-28871 | Unrestricted Upload of File with Dangerous Type vulnerability in Monitorr 1.7.6M Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload. | 9.8 |
| 2021-02-09 | CVE-2021-21131 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 6.5 |
| 2021-02-09 | CVE-2021-26918 | Unrestricted Upload of File with Dangerous Type vulnerability in Probot BOT 20210208 The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified other impact) because the uploader web service allows double extensions (such as .html.jpg) with the text/html content type. | 9.8 |
| 2021-02-02 | CVE-2020-25037 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucopia Wireless Appliance 6.0.5 UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command. | 8.2 |
| 2021-02-01 | CVE-2021-3378 | Unrestricted Upload of File with Dangerous Type vulnerability in Fortilogger FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp. | 9.8 |
| 2021-02-01 | CVE-2020-20287 | Unrestricted Upload of File with Dangerous Type vulnerability in Yccms 3.3 Unrestricted file upload vulnerability in the yccms 3.3 project. | 9.8 |