Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-25 | CVE-2020-25134 | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
| 2020-09-25 | CVE-2020-25133 | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
| 2020-09-24 | CVE-2020-12843 | Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. | 9.8 |
| 2020-09-24 | CVE-2020-12837 | Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. | 7.5 |
| 2020-09-23 | CVE-2019-1888 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to upload arbitrary files and execute commands on the underlying operating system. | 7.2 |
| 2020-09-22 | CVE-2020-25515 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple Library Management System Project Simple Library Management System 1.0 Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. | 7.8 |
| 2020-09-22 | CVE-2020-15839 | Unrestricted Upload of File with Dangerous Type vulnerability in Liferay Portal Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files. | 6.5 |
| 2020-09-22 | CVE-2020-14022 | Unrestricted Upload of File with Dangerous Type vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. | 8.8 |
| 2020-09-22 | CVE-2020-4620 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. | 8.8 |
| 2020-09-19 | CVE-2020-25790 | Unrestricted Upload of File with Dangerous Type vulnerability in Typesettercms Typesetter 5.0/5.0.1/5.1 Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. | 7.2 |