Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-25 | CVE-2019-14451 | Unrestricted Upload of File with Dangerous Type vulnerability in Repetier-Server RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. | 9.8 |
| 2019-10-24 | CVE-2019-18417 | Unrestricted Upload of File with Dangerous Type vulnerability in Sourcecodester Restaurant Management System 1.0 Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. | 8.8 |
| 2019-10-24 | CVE-2019-11021 | Unrestricted Upload of File with Dangerous Type vulnerability in Schlix CMS 2.1.87 admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. | 7.2 |
| 2019-10-22 | CVE-2015-9499 | Unrestricted Upload of File with Dangerous Type vulnerability in Themepunch Showbiz PRO 1.7.1 The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive. | 9.8 |
| 2019-10-21 | CVE-2019-16530 | Unrestricted Upload of File with Dangerous Type vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution. | 7.2 |
| 2019-10-16 | CVE-2019-16700 | Unrestricted Upload of File with Dangerous Type vulnerability in Slub-Dresden Slub Events The slub_events (aka SLUB: Event Registration) extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. | 9.8 |
| 2019-10-13 | CVE-2019-17536 | Unrestricted Upload of File with Dangerous Type vulnerability in Gilacms Gila CMS Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. | 4.9 |
| 2019-10-10 | CVE-2019-17490 | Unrestricted Upload of File with Dangerous Type vulnerability in Jnoj Jiangnan Online Judge 0.8.0 app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI. | 8.8 |
| 2019-10-10 | CVE-2015-9479 | Unrestricted Upload of File with Dangerous Type vulnerability in Advancedcustomfields ACF Fronted Display The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. | 9.8 |
| 2019-10-10 | CVE-2015-9471 | Unrestricted Upload of File with Dangerous Type vulnerability in Digitalzoomstudio Zoomsounds The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload. | 9.8 |