Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-17 | CVE-2019-11074 | Unrestricted Upload of File with Dangerous Type vulnerability in Paessler Prtg Network Monitor A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation when passing arguments to the phantomjs.exe binary. | 9.0 |
| 2020-03-16 | CVE-2020-9472 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco CMS 8.5.3 Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. | 4.0 |
| 2020-03-16 | CVE-2020-9471 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco CMS 8.5.3 Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality. | 6.5 |
| 2020-03-16 | CVE-2020-5844 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS 7.0Ng index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. | 7.2 |
| 2020-03-16 | CVE-2020-10557 | Unrestricted Upload of File with Dangerous Type vulnerability in Atutor Acontent An issue was discovered in AContent through 1.4. | 6.5 |
| 2020-03-13 | CVE-2020-10562 | Unrestricted Upload of File with Dangerous Type vulnerability in Devome GRR An issue was discovered in DEVOME GRR before 3.4.1c. | 6.5 |
| 2020-03-12 | CVE-2020-10386 | Unrestricted Upload of File with Dangerous Type vulnerability in Chadhaajay PHPkb 9.0 admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory. | 6.5 |
| 2020-03-09 | CVE-2016-6918 | Unrestricted Upload of File with Dangerous Type vulnerability in Lexmark Markvision Enterprise 2.1/2.3.0 Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. | 7.5 |
| 2020-03-09 | CVE-2015-7341 | Unrestricted Upload of File with Dangerous Type vulnerability in Joobi Jnews 8.3.1 JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension. | 6.5 |
| 2020-03-09 | CVE-2015-7339 | Unrestricted Upload of File with Dangerous Type vulnerability in Widgetfactorylimited JCE 2.5.0/2.5.1/2.5.2 JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | 6.5 |