Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2019-15866 | Unrestricted Upload of File with Dangerous Type vulnerability in Crelly Slider Project Crelly Slider The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider. | 8.8 |
| 2019-08-27 | CVE-2017-18592 | Unrestricted Upload of File with Dangerous Type vulnerability in Wc-Marketplace WC Catalog Enquiry The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wp_upload directory for file uploads. | 7.5 |
| 2019-08-27 | CVE-2019-15649 | Unrestricted Upload of File with Dangerous Type vulnerability in Elearningfreak Insert or Embed Articulate Content The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload. | 8.8 |
| 2019-08-26 | CVE-2019-15524 | Unrestricted Upload of File with Dangerous Type vulnerability in Cszcms CSZ CMS 1.2.3 CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI. | 9.8 |
| 2019-08-22 | CVE-2015-9340 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptanus Wordpress File Upload The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files. | 7.5 |
| 2019-08-22 | CVE-2015-9339 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptanus Wordpress File Upload The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files. | 7.5 |
| 2019-08-22 | CVE-2015-9338 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptanus Wordpress File Upload The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files. | 7.5 |
| 2019-08-22 | CVE-2015-9341 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptanus Wordpress File Upload The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files. | 7.5 |
| 2019-08-22 | CVE-2019-11031 | Unrestricted Upload of File with Dangerous Type vulnerability in Mirasys VMS 7.6.0/8.0.0/8.3.1 Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. | 9.8 |
| 2019-08-22 | CVE-2018-18572 | Unrestricted Upload of File with Dangerous Type vulnerability in Oscommerce 2.3.4.1 osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. | 7.2 |