Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2020-12005 | Unrestricted Upload of File with Dangerous Type vulnerability in Rockwellautomation Factorytalk Linx and Rslinx Classic FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. | 7.5 |
| 2020-06-15 | CVE-2020-4470 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. | 8.0 |
| 2020-06-15 | CVE-2020-14067 | Unrestricted Upload of File with Dangerous Type vulnerability in Naviwebs Navigatecms 2.9 The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php. | 9.8 |
| 2020-06-12 | CVE-2019-15123 | Unrestricted Upload of File with Dangerous Type vulnerability in Vikisolutions Vera 4.9.1.26180 The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. | 7.2 |
| 2020-06-11 | CVE-2020-13855 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature. | 7.2 |
| 2020-06-11 | CVE-2020-13852 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. | 7.2 |
| 2020-06-08 | CVE-2020-12800 | Unrestricted Upload of File with Dangerous Type vulnerability in Codedropz Drag and Drop multiple File Upload - Contact Form 7 The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file. | 9.8 |
| 2020-06-04 | CVE-2018-21244 | Unrestricted Upload of File with Dangerous Type vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.6. | 9.8 |
| 2020-06-04 | CVE-2018-21243 | Unrestricted Upload of File with Dangerous Type vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.6. | 6.5 |
| 2020-06-03 | CVE-2020-12846 | Unrestricted Upload of File with Dangerous Type vulnerability in Synacor Zimbra Collaboration Suite Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. | 8.0 |