Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2020-5509 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul CAR Rental Portal 1.0
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
network
low complexity
phpgurukul CWE-434
7.2
2020-01-09 CVE-2019-20183 Unrestricted Upload of File with Dangerous Type vulnerability in Employee Records System Project Employee Records System 1.0
uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side.
network
low complexity
employee-records-system-project CWE-434
7.2
2020-01-09 CVE-2012-2950 Unrestricted Upload of File with Dangerous Type vulnerability in Gatewaygeomatics Mapserver
Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.
network
high complexity
gatewaygeomatics CWE-434
8.1
2020-01-09 CVE-2012-2226 Unrestricted Upload of File with Dangerous Type vulnerability in Invisioncommunity Invision Power Board
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.
network
low complexity
invisioncommunity CWE-434
critical
9.8
2020-01-09 CVE-2014-3448 Unrestricted Upload of File with Dangerous Type vulnerability in BSS Continuity CMS Project BSS Continuity CMS 4.2.22640.0
BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulnerability due to unauthenticated file upload.
network
low complexity
bss-continuity-cms-project CWE-434
critical
9.8
2020-01-06 CVE-2020-5846 Unrestricted Upload of File with Dangerous Type vulnerability in Ahsay Cloud Backup Suite 8.3.0.30
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.3.0.30 via a "PUT /obs/obm7/file/upload" request with the base64-encoded pathname in the X-RSW-custom-encode-path HTTP header, and the content in the HTTP request body.
network
low complexity
ahsay CWE-434
8.8
2020-01-06 CVE-2015-5951 Unrestricted Upload of File with Dangerous Type vulnerability in Thomsonreuters Fatca
A file upload issue exists in the specid parameter in Thomson Reuters FATCA before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
network
low complexity
thomsonreuters CWE-434
critical
9.9
2020-01-06 CVE-2015-4553 Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.5/5.6/5.7
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users to get a shell.
network
low complexity
dedecms CWE-434
8.8
2020-01-06 CVE-2020-5514 Unrestricted Upload of File with Dangerous Type vulnerability in Gilacms Gila CMS 1.11.8
Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.
network
low complexity
gilacms CWE-434
critical
9.1
2020-01-03 CVE-2014-8516 Unrestricted Upload of File with Dangerous Type vulnerability in Cloudfastpath Netcharts Server
Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
network
low complexity
cloudfastpath CWE-434
critical
9.8