Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2020-11943 | Unrestricted Upload of File with Dangerous Type vulnerability in Opmantek Open-Audit 3.2.2 An issue was discovered in Open-AudIT 3.2.2. | 8.8 |
| 2020-04-29 | CVE-2020-12252 | Unrestricted Upload of File with Dangerous Type vulnerability in Gigamon Gigavue An issue was discovered in Gigamon GigaVUE 5.5.01.11. | 6.2 |
| 2020-04-27 | CVE-2020-11817 | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.5.2 In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. | 9.8 |
| 2020-04-23 | CVE-2020-12077 | Unrestricted Upload of File with Dangerous Type vulnerability in Mappresspro Mappress The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. | 8.8 |
| 2020-04-22 | CVE-2020-7055 | Unrestricted Upload of File with Dangerous Type vulnerability in Elementor Page Builder An issue was discovered in Elementor 2.7.4. | 9.9 |
| 2020-04-22 | CVE-2020-11011 | Unrestricted Upload of File with Dangerous Type vulnerability in PHProject In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. | 8.8 |
| 2020-04-21 | CVE-2020-10569 | Unrestricted Upload of File with Dangerous Type vulnerability in Sysaid On-Premise 20.1.11 SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. | 9.8 |
| 2020-04-16 | CVE-2020-11815 | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.5.2 In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. | 9.8 |
| 2020-04-16 | CVE-2020-11811 | Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 9.1 In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. | 9.8 |
| 2020-04-15 | CVE-2020-9280 | Unrestricted Upload of File with Dangerous Type vulnerability in Silverstripe In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. | 7.5 |