Vulnerabilities > Unrestricted Upload of File with Dangerous Type

| Date | CVE | Vulnerability title | Description | Vendor | CWE | Attack vector | Complexity | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-01-24 | CVE-2020-6965 | Unrestricted Upload of File with Dangerous Type vulnerability in Gehealthcare products | In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package. | gehealthcare | CWE-434 | network | low complexity | critical 9.9 |
| 2020-01-23 | CVE-2012-6649 | Unrestricted Upload of File with Dangerous Type vulnerability in Devfarm WP GPX Maps 1.1.21 | WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload. | devfarm | CWE-434 | network | low complexity | critical 9.8 |
| 2020-01-23 | CVE-2019-16514 | Unrestricted Upload of File with Dangerous Type vulnerability in Connectwise Control 19.3.25270.7185 | An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. | connectwise | CWE-434 | network | low complexity | 7.2 |
| 2020-01-23 | CVE-2013-6358 | Unrestricted Upload of File with Dangerous Type vulnerability in Prestashop 1.5.5.0 | PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory. | prestashop | CWE-434 | network | low complexity | 8.8 |
| 2020-01-21 | CVE-2012-5190 | Unrestricted Upload of File with Dangerous Type vulnerability in Accusoft Prizm Content Connect 5.1 | Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability | accusoft | CWE-434 | network | low complexity | critical 9.8 |
| 2020-01-21 | CVE-2020-7246 | Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 8.3/9.0/9.1 | A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. | qdpm | CWE-434 | network | low complexity | 8.8 |
| 2020-01-21 | CVE-2019-20385 | Unrestricted Upload of File with Dangerous Type vulnerability in Logaritmo Aware Callmanager 2012 | The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. | logaritmo | CWE-434 | network | low complexity | 8.8 |
| 2020-01-15 | CVE-2020-2730 | Unrestricted Upload of File with Dangerous Type vulnerability in Oracle Revenue Management and Billing 2.7.0.0/2.7.0.1/2.8.0.0 | Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). | oracle | CWE-434 | network | low complexity | 5.4 |
| 2020-01-15 | CVE-2011-4907 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! | Joomla! 1.5x through 1.5.12: Missing JEXEC Check | joomla | CWE-434 | network | low complexity | 5.3 |
| 2020-01-14 | CVE-2011-2933 | Unrestricted Upload of File with Dangerous Type vulnerability in Websitebaker | An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions. | websitebaker | CWE-434 | network | low complexity | 7.2 |