Vulnerabilities > Unrestricted Upload of File with Dangerous Type

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-03-25 | CVE-2020-10964 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity | Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. | network | low complexity | s9y | CWE-434 | critical 9.8 |
| 2020-03-25 | CVE-2020-10963 | Unrestricted Upload of File with Dangerous Type vulnerability in Frozennode Laravel-Administrator | FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. | network | low complexity | frozennode | CWE-434 | 7.2 |
| 2020-03-24 | CVE-2020-10934 | Unrestricted Upload of File with Dangerous Type vulnerability in Acyba Acymailing | Acyba AcyMailing before 6.9.2 mishandles file uploads by admins. | network | low complexity | acyba | CWE-434 | 7.2 |
| 2020-03-23 | CVE-2020-8866 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products | This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. | network | low complexity | horde, debian | CWE-434 | 6.5 |
| 2020-03-23 | CVE-2020-8511 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS | In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500. | network | low complexity | artica | CWE-434 | 7.2 |
| 2020-03-23 | CVE-2020-7935 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS | Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. | network | low complexity | artica | CWE-434 | 7.2 |
| 2020-03-22 | CVE-2020-10806 | Unrestricted Upload of File with Dangerous Type vulnerability in EZ Publish-Kernel and EZ Publish-Legacy | eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution. | network | low complexity | ez | CWE-434 | critical 9.8 |
| 2020-03-20 | CVE-2020-10682 | Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.13 | The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. | local | low complexity | cmsmadesimple | CWE-434 | 7.8 |
| 2020-03-19 | CVE-2019-16066 | Unrestricted Upload of File with Dangerous Type vulnerability in Netsas Enigma Network Management Solution | An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. | network | low complexity | netsas | CWE-434 | 8.8 |
| 2020-03-18 | CVE-2020-9423 | Unrestricted Upload of File with Dangerous Type vulnerability in Logicaldoc | LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. | network | low complexity | logicaldoc | CWE-434 | critical 9.8 |