Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-30 | CVE-2020-15277 | Unrestricted Upload of File with Dangerous Type vulnerability in Basercms baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). | 7.2 |
| 2020-10-30 | CVE-2020-4588 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 7.8 |
| 2020-10-29 | CVE-2020-11486 | Unrestricted Upload of File with Dangerous Type vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | 9.8 |
| 2020-10-28 | CVE-2020-8260 | Unrestricted Upload of File with Dangerous Type vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. | 7.2 |
| 2020-10-28 | CVE-2020-27956 | Unrestricted Upload of File with Dangerous Type vulnerability in CAR Rental Management System Project CAR Rental Management System 1.0 An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root). | 9.8 |
| 2020-10-23 | CVE-2020-25483 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.4.8 An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. | 9.8 |
| 2020-10-21 | CVE-2020-3436 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Firepower Threat Defense A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. | 8.6 |
| 2020-10-16 | CVE-2020-26583 | Unrestricted Upload of File with Dangerous Type vulnerability in Sagedpw Sage DPW 202006000/202006001 An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. | 6.1 |
| 2020-10-05 | CVE-2020-26048 | Unrestricted Upload of File with Dangerous Type vulnerability in Cuppacms The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modify the image extension into PHP resulting in remote arbitrary code execution. | 8.8 |
| 2020-09-30 | CVE-2020-12715 | Unrestricted Upload of File with Dangerous Type vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4 RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | 8.8 |