Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-0920 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 6.5 |
| 2020-04-15 | CVE-2020-10507 | Unrestricted Upload of File with Dangerous Type vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine. | 7.5 |
| 2020-04-12 | CVE-2020-11722 | Unrestricted Upload of File with Dangerous Type vulnerability in Dungeon Crawl Stone Soup Project Dungeon Crawl Stone Soup Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file. | 9.8 |
| 2020-04-09 | CVE-2020-10621 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess/Nms Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). | 10.0 |
| 2020-04-08 | CVE-2020-11629 | Unrestricted Upload of File with Dangerous Type vulnerability in Primekey Ejbca 7.0.0 An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. | 6.5 |
| 2020-04-06 | CVE-2020-11544 | Unrestricted Upload of File with Dangerous Type vulnerability in Projectworlds Official CAR Rental System 1.0 An issue was discovered in Project Worlds Official Car Rental System 1. | 6.5 |
| 2020-04-03 | CVE-2020-8639 | Unrestricted Upload of File with Dangerous Type vulnerability in Testlink 1.9.20 An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 6.5 |
| 2020-04-02 | CVE-2020-11451 | Unrestricted Upload of File with Dangerous Type vulnerability in Microstrategy web 10.1/10.4/7 The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. | 6.5 |
| 2020-03-31 | CVE-2020-6008 | Unrestricted Upload of File with Dangerous Type vulnerability in Lifterlms LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution | 7.5 |
| 2020-03-25 | CVE-2020-10964 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. | 7.5 |