Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-17 | CVE-2020-25010 | Unrestricted Upload of File with Dangerous Type vulnerability in Kyland Kps2204 6 Port Managed Din-Rail Programmable Serial Device Firmware R0002.P05 An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file. | 9.8 |
| 2020-12-16 | CVE-2020-35133 | Unrestricted Upload of File with Dangerous Type vulnerability in Irfanview 4.56 irfanView 4.56 contains an error processing parsing files of type .pcx. | 7.5 |
| 2020-12-16 | CVE-2020-29607 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution. | 7.2 |
| 2020-12-15 | CVE-2020-28072 | Unrestricted Upload of File with Dangerous Type vulnerability in Alumni Management System Project Alumni Management System 1.0 A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. | 7.2 |
| 2020-12-09 | CVE-2020-26828 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1 SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. | 6.4 |
| 2020-12-09 | CVE-2020-26826 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Application Server Java 7.31/7.40/7.50 Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload. | 6.5 |
| 2020-12-09 | CVE-2020-23520 | Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2 imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality. | 7.2 |
| 2020-12-08 | CVE-2020-26255 | Unrestricted Upload of File with Dangerous Type vulnerability in Getkirby Kirby and Panel Kirby is a CMS. | 9.1 |
| 2020-12-07 | CVE-2020-29597 | Unrestricted Upload of File with Dangerous Type vulnerability in Incomcms Project Incomcms 2.0 IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. | 9.8 |
| 2020-12-03 | CVE-2020-28939 | Unrestricted Upload of File with Dangerous Type vulnerability in Openclinic Project Openclinic 0.8.2 OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. | 7.2 |