Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-9472 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco CMS 8.5.3 Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. | 6.5 |
| 2020-03-16 | CVE-2020-9471 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco CMS 8.5.3 Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality. | 8.8 |
| 2020-03-16 | CVE-2020-5844 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS 7.0Ng index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. | 7.2 |
| 2020-03-16 | CVE-2020-10557 | Unrestricted Upload of File with Dangerous Type vulnerability in Atutor Acontent An issue was discovered in AContent through 1.4. | 8.8 |
| 2020-03-13 | CVE-2020-10562 | Unrestricted Upload of File with Dangerous Type vulnerability in Devome GRR An issue was discovered in DEVOME GRR before 3.4.1c. | 7.2 |
| 2020-03-12 | CVE-2020-10386 | Unrestricted Upload of File with Dangerous Type vulnerability in Chadhaajay PHPkb 9.0 admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory. | 7.2 |
| 2020-03-09 | CVE-2016-6918 | Unrestricted Upload of File with Dangerous Type vulnerability in Lexmark Markvision Enterprise 2.1/2.3.0 Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. | 9.8 |
| 2020-03-09 | CVE-2015-7341 | Unrestricted Upload of File with Dangerous Type vulnerability in Joobi Jnews 8.3.1 JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension. | 8.8 |
| 2020-03-09 | CVE-2015-7339 | Unrestricted Upload of File with Dangerous Type vulnerability in Widgetfactorylimited JCE 2.5.0/2.5.1/2.5.2 JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | 8.8 |
| 2020-03-09 | CVE-2020-5256 | Unrestricted Upload of File with Dangerous Type vulnerability in Bookstackapp Bookstack BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. | 8.8 |