Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-06 | CVE-2015-6000 | Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/. | 8.8 |
| 2020-02-06 | CVE-2011-1597 | Unrestricted Upload of File with Dangerous Type vulnerability in Openvas Manager 2.0.3 OpenVAS Manager v2.0.3 allows plugin remote code execution. | 8.8 |
| 2020-02-05 | CVE-2020-6754 | Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. | 9.8 |
| 2020-01-31 | CVE-2014-2025 | Unrestricted Upload of File with Dangerous Type vulnerability in Unitedplanet Intrexx 5.2/6.0 Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors. | 9.8 |
| 2020-01-31 | CVE-2020-8440 | Unrestricted Upload of File with Dangerous Type vulnerability in Simplejobscript 1.65/1.66 controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. | 9.8 |
| 2020-01-28 | CVE-2013-2748 | Unrestricted Upload of File with Dangerous Type vulnerability in Belkin Wemo Switch Firmware Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | 9.8 |
| 2020-01-28 | CVE-2020-7998 | Unrestricted Upload of File with Dangerous Type vulnerability in Super File Explorer Project Super File Explorer 1.0.1 An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. | 8.8 |
| 2020-01-27 | CVE-2013-7390 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Desktop Central 7.0.0/7.0.1/8.0.0 Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. | 9.8 |
| 2020-01-24 | CVE-2020-6965 | Unrestricted Upload of File with Dangerous Type vulnerability in Gehealthcare products In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package. | 9.9 |
| 2020-01-23 | CVE-2012-6649 | Unrestricted Upload of File with Dangerous Type vulnerability in Devfarm WP GPX Maps 1.1.21 WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload. | 9.8 |