Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-28 | CVE-2020-11476 | Unrestricted Upload of File with Dangerous Type vulnerability in Concretecms Concrete CMS Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file. | 7.2 |
| 2020-07-15 | CVE-2020-9309 | Unrestricted Upload of File with Dangerous Type vulnerability in Silverstripe Mimevalidator and Recipe Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). | 8.8 |
| 2020-07-15 | CVE-2020-14066 | Unrestricted Upload of File with Dangerous Type vulnerability in Icewarp Mail Server 12.3.0.1 IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. | 8.8 |
| 2020-07-15 | CVE-2020-14065 | Unrestricted Upload of File with Dangerous Type vulnerability in Icewarp Mail Server 12.3.0.1 IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. | 6.5 |
| 2020-07-15 | CVE-2020-12854 | Unrestricted Upload of File with Dangerous Type vulnerability in Seczetta Neprofile 3.3.11 A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. | 8.8 |
| 2020-07-14 | CVE-2020-1469 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Bond 9.0.1 A denial of service vulnerability exists when the .NET implementation of Bond improperly parses input, aka 'Bond Denial of Service Vulnerability'. | 7.5 |
| 2020-07-13 | CVE-2019-20897 | Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian products The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. | 6.5 |
| 2020-07-10 | CVE-2020-8181 | Unrestricted Upload of File with Dangerous Type vulnerability in Nextcloud Contacts A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars. | 4.3 |
| 2020-07-09 | CVE-2020-13994 | Unrestricted Upload of File with Dangerous Type vulnerability in Mods-For-Hesk Mods for Hesk An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. | 8.8 |
| 2020-06-24 | CVE-2020-13443 | Unrestricted Upload of File with Dangerous Type vulnerability in Expressionengine ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. | 8.8 |