Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-09 | CVE-2020-5256 | Unrestricted Upload of File with Dangerous Type vulnerability in Bookstackapp Bookstack BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. | 8.8 |
| 2020-03-08 | CVE-2020-10225 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul JOB Portal 1.0 An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. | 9.8 |
| 2020-03-08 | CVE-2020-10224 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Online Book Store 1.0 An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. | 9.8 |
| 2020-03-05 | CVE-2020-9380 | Unrestricted Upload of File with Dangerous Type vulnerability in Whmcssmarters web TV Player 20200222 IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. | 9.8 |
| 2020-03-02 | CVE-2018-19798 | Unrestricted Upload of File with Dangerous Type vulnerability in Fleetco Fleet Maintenance Management 1.2 Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. | 8.8 |
| 2020-03-02 | CVE-2020-8500 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS 7.42 In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. | 7.2 |
| 2020-03-02 | CVE-2018-17058 | Unrestricted Upload of File with Dangerous Type vulnerability in Jaba Xpress 20180914 An issue was discovered in JABA XPress Online Shop through 2018-09-14. | 8.8 |
| 2020-02-25 | CVE-2016-11020 | Unrestricted Upload of File with Dangerous Type vulnerability in Kunena Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. | 9.8 |
| 2020-02-24 | CVE-2020-5188 | Unrestricted Upload of File with Dangerous Type vulnerability in Dnnsoftware Dotnetnuke DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions. | 6.5 |
| 2020-02-20 | CVE-2020-9320 | Unrestricted Upload of File with Dangerous Type vulnerability in Avira products Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. | 5.5 |