Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-06 | CVE-2015-6000 | Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/. | 6.5 |
| 2020-02-06 | CVE-2011-1597 | Unrestricted Upload of File with Dangerous Type vulnerability in Openvas Manager 2.0.3 OpenVAS Manager v2.0.3 allows plugin remote code execution. | 6.5 |
| 2020-01-31 | CVE-2014-2025 | Unrestricted Upload of File with Dangerous Type vulnerability in Unitedplanet Intrexx 5.2/6.0 Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors. | 7.5 |
| 2020-01-31 | CVE-2020-8440 | Unrestricted Upload of File with Dangerous Type vulnerability in Simplejobscript 1.65/1.66 controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. | 7.5 |
| 2020-01-28 | CVE-2013-2748 | Unrestricted Upload of File with Dangerous Type vulnerability in Belkin Wemo Switch Firmware Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | 7.5 |
| 2020-01-28 | CVE-2020-7998 | Unrestricted Upload of File with Dangerous Type vulnerability in Super File Explorer Project Super File Explorer 1.0.1 An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. | 9.0 |
| 2020-01-27 | CVE-2013-7390 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Desktop Central 7.0.0/7.0.1/8.0.0 Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. | 7.5 |
| 2020-01-23 | CVE-2012-6649 | Unrestricted Upload of File with Dangerous Type vulnerability in Devfarm WP GPX Maps 1.1.21 WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload. | 7.5 |
| 2020-01-23 | CVE-2019-16514 | Unrestricted Upload of File with Dangerous Type vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. | 6.5 |
| 2020-01-23 | CVE-2013-6358 | Unrestricted Upload of File with Dangerous Type vulnerability in Prestashop 1.5.5.0 PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory. | 9.0 |