Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-09 | CVE-2019-4612 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. | 8.8 |
| 2019-12-09 | CVE-2019-19684 | Unrestricted Upload of File with Dangerous Type vulnerability in Nopcommerce 4.20 nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin. | 8.8 |
| 2019-12-05 | CVE-2012-1592 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Struts 2.0.0 A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. | 8.8 |
| 2019-12-05 | CVE-2019-19595 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
| 2019-12-05 | CVE-2019-19594 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
| 2019-12-04 | CVE-2019-11216 | Unrestricted Upload of File with Dangerous Type vulnerability in BMC Remedy Smart Reporting BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. | 6.5 |
| 2019-12-04 | CVE-2019-19576 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. | 9.8 |
| 2019-12-03 | CVE-2019-4130 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 8.8 |
| 2019-12-02 | CVE-2019-19020 | Unrestricted Upload of File with Dangerous Type vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 7.2 |
| 2019-11-30 | CVE-2019-19468 | Unrestricted Upload of File with Dangerous Type vulnerability in 10-Strike Free Photo Viewer 1.3 Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry. | 7.8 |