Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-12 | CVE-2020-11722 | Unrestricted Upload of File with Dangerous Type vulnerability in Dungeon Crawl Stone Soup Project Dungeon Crawl Stone Soup Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file. | 9.8 |
| 2020-04-09 | CVE-2020-10621 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess/Nms 2.0.3 Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). | 9.8 |
| 2020-04-06 | CVE-2020-11598 | Unrestricted Upload of File with Dangerous Type vulnerability in Cipplanner Cipace 6.80 An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. | 9.8 |
| 2020-04-06 | CVE-2020-11544 | Unrestricted Upload of File with Dangerous Type vulnerability in Projectworlds Official CAR Rental System 1.0 An issue was discovered in Project Worlds Official Car Rental System 1. | 7.2 |
| 2020-04-03 | CVE-2020-8639 | Unrestricted Upload of File with Dangerous Type vulnerability in Testlink 1.9.20 An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 8.8 |
| 2020-04-02 | CVE-2020-11451 | Unrestricted Upload of File with Dangerous Type vulnerability in Microstrategy web 10.1/10.4/7 The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. | 7.2 |
| 2020-03-31 | CVE-2020-6008 | Unrestricted Upload of File with Dangerous Type vulnerability in Lifterlms LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution | 9.8 |
| 2020-03-25 | CVE-2020-10964 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. | 9.8 |
| 2020-03-25 | CVE-2020-10963 | Unrestricted Upload of File with Dangerous Type vulnerability in Frozennode Laravel-Administrator FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. | 7.2 |
| 2020-03-24 | CVE-2020-10934 | Unrestricted Upload of File with Dangerous Type vulnerability in Acyba Acymailing Acyba AcyMailing before 6.9.2 mishandles file uploads by admins. | 7.2 |