Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-04 | CVE-2018-21243 | Unrestricted Upload of File with Dangerous Type vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.6. | 6.5 |
| 2020-06-03 | CVE-2020-12846 | Unrestricted Upload of File with Dangerous Type vulnerability in Synacor Zimbra Collaboration Suite Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. | 8.0 |
| 2020-05-29 | CVE-2020-12675 | Unrestricted Upload of File with Dangerous Type vulnerability in Mappresspro Mappress The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. | 8.8 |
| 2020-05-25 | CVE-2020-13442 | Unrestricted Upload of File with Dangerous Type vulnerability in Dext5 2.7.1402870 A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. | 9.8 |
| 2020-05-22 | CVE-2020-13384 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. | 8.8 |
| 2020-05-21 | CVE-2020-1112 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | 9.9 |
| 2020-05-21 | CVE-2020-1102 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |
| 2020-05-21 | CVE-2020-1024 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |
| 2020-05-21 | CVE-2020-1023 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |
| 2020-05-21 | CVE-2020-12828 | Unrestricted Upload of File with Dangerous Type vulnerability in Pango Virtual Private Network Software Development KIT An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. | 9.8 |