Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2019-14768 | Unrestricted Upload of File with Dangerous Type vulnerability in Dimo-Crm Yellowbox CRM An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges. | 9.0 |
| 2020-01-21 | CVE-2012-5190 | Unrestricted Upload of File with Dangerous Type vulnerability in Accusoft Prizm Content Connect 5.1 Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability | 7.5 |
| 2020-01-21 | CVE-2020-7246 | Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 8.3/9.0/9.1 A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. | 8.8 |
| 2020-01-21 | CVE-2019-20385 | Unrestricted Upload of File with Dangerous Type vulnerability in Logaritmo Aware Callmanager 2012 The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. | 6.5 |
| 2020-01-15 | CVE-2020-2730 | Unrestricted Upload of File with Dangerous Type vulnerability in Oracle Revenue Management and Billing 2.7.0.0/2.7.0.1/2.8.0.0 Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). | 4.9 |
| 2020-01-15 | CVE-2011-4907 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! Joomla! 1.5x through 1.5.12: Missing JEXEC Check | 5.0 |
| 2020-01-14 | CVE-2011-2933 | Unrestricted Upload of File with Dangerous Type vulnerability in Websitebaker An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions. | 6.5 |
| 2020-01-14 | CVE-2020-5509 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 1.0 PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | 7.2 |
| 2020-01-09 | CVE-2019-20183 | Unrestricted Upload of File with Dangerous Type vulnerability in Employee Records System Project Employee Records System 1.0 uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. | 7.2 |
| 2020-01-09 | CVE-2012-2950 | Unrestricted Upload of File with Dangerous Type vulnerability in Gatewaygeomatics Mapserver Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information. | 9.3 |