Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-12 | CVE-2019-18288 | Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Sppa-T3000 Application Server R8.2 A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). | 8.8 |
| 2019-12-12 | CVE-2019-15936 | Unrestricted Upload of File with Dangerous Type vulnerability in Intesync Solismed 3.3 Intesync Solismed 3.3sp allows Insecure File Upload. | 9.8 |
| 2019-12-09 | CVE-2019-4612 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. | 8.8 |
| 2019-12-09 | CVE-2019-19684 | Unrestricted Upload of File with Dangerous Type vulnerability in Nopcommerce 4.20 nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin. | 8.8 |
| 2019-12-05 | CVE-2012-1592 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Struts 2.0.0 A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. | 8.8 |
| 2019-12-05 | CVE-2019-19595 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
| 2019-12-05 | CVE-2019-19594 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
| 2019-12-04 | CVE-2019-11216 | Unrestricted Upload of File with Dangerous Type vulnerability in BMC Remedy Smart Reporting BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. | 6.5 |
| 2019-12-04 | CVE-2019-19576 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. | 9.8 |
| 2019-12-03 | CVE-2019-4130 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 8.8 |