Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-18 | CVE-2020-12255 | Unrestricted Upload of File with Dangerous Type vulnerability in Rconfig 3.9.4 rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. | 8.8 |
| 2020-05-18 | CVE-2020-13128 | Unrestricted Upload of File with Dangerous Type vulnerability in Gwtupload Project Gwtupload 1.0.3 An issue was discovered in Manolo GWTUpload 1.0.3. | 7.5 |
| 2020-05-17 | CVE-2020-13126 | Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. | 9.9 |
| 2020-05-14 | CVE-2020-5577 | Unrestricted Upload of File with Dangerous Type vulnerability in Sixapart Movable Type Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors. | 8.8 |
| 2020-05-11 | CVE-2020-11108 | Unrestricted Upload of File with Dangerous Type vulnerability in Pi-Hole The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. | 8.8 |
| 2020-04-30 | CVE-2020-5880 | Unrestricted Upload of File with Dangerous Type vulnerability in F5 products Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. | 7.1 |
| 2020-04-29 | CVE-2020-11943 | Unrestricted Upload of File with Dangerous Type vulnerability in Opmantek Open-Audit 3.2.2 An issue was discovered in Open-AudIT 3.2.2. | 8.8 |
| 2020-04-29 | CVE-2020-12252 | Unrestricted Upload of File with Dangerous Type vulnerability in Gigamon Gigavue An issue was discovered in Gigamon GigaVUE 5.5.01.11. | 6.2 |
| 2020-04-27 | CVE-2020-11817 | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.5.2 In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. | 9.8 |
| 2020-04-23 | CVE-2020-12077 | Unrestricted Upload of File with Dangerous Type vulnerability in Mappresspro Mappress The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. | 8.8 |