Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2020-10-05 CVE-2020-26048 Unrestricted Upload of File with Dangerous Type vulnerability in Cuppacms
The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modify the image extension into PHP resulting in remote arbitrary code execution.
network
low complexity
cuppacms CWE-434
8.8
8.8
2020-09-30 CVE-2020-12715 Unrestricted Upload of File with Dangerous Type vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control.
network
low complexity
rainbowfishsoftware CWE-434
8.8
8.8
2020-09-30 CVE-2020-15488 Unrestricted Upload of File with Dangerous Type vulnerability in Re-Desk Re:Desk 2.3
Re:Desk 2.3 allows insecure file upload.
network
low complexity
re-desk CWE-434
7.5
7.5
2020-09-30 CVE-2020-25763 Unrestricted Upload of File with Dangerous Type vulnerability in Seat Reservation System Project Seat Reservation System 1.0
Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.
network
low complexity
seat-reservation-system-project CWE-434
critical
 9.8
9.8
2020-09-30 CVE-2020-21564 Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.10/4.7.11
An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11.
network
low complexity
pluck-cms CWE-434
8.8
8.8
2020-09-30 CVE-2020-19672 Unrestricted Upload of File with Dangerous Type vulnerability in Niushop 1.11
Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.
network
low complexity
niushop CWE-434
critical
 9.8
9.8
2020-09-25 CVE-2020-25149 Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.
network
low complexity
observium CWE-434
8.8
8.8
2020-09-25 CVE-2020-25145 Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.
network
low complexity
observium CWE-434
8.8
8.8
2020-09-25 CVE-2020-25144 Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.
network
low complexity
observium CWE-434
8.8
8.8
2020-09-25 CVE-2020-25136 Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.
network
low complexity
observium CWE-434
8.8
8.8