Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2019-07-16 CVE-2019-13359 Unrestricted Upload of File with Dangerous Type vulnerability in Control-Webpanel Webpanel 0.9.8.836
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
network
high complexity
control-webpanel CWE-434
7.5
2019-07-16 CVE-2019-1010062 Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluckcms
PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type.
network
low complexity
pluck-cms CWE-434
critical
9.8
2019-07-11 CVE-2019-10935 Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Simatic PCS 7, Simatic Wincc and Simatic Wincc Runtime
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3).
network
low complexity
siemens CWE-434
7.2
2019-07-11 CVE-2019-10930 Unrestricted Upload of File with Dangerous Type vulnerability in Siemens products
A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions).
network
low complexity
siemens CWE-434
7.5
2019-07-10 CVE-2019-12803 Unrestricted Upload of File with Dangerous Type vulnerability in Hunesion I-Onenet
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell.
network
low complexity
hunesion CWE-434
critical
9.8
2019-07-10 CVE-2019-0327 Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Application Server Java
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
network
low complexity
sap CWE-434
7.2
2019-07-09 CVE-2019-13464 Unrestricted Upload of File with Dangerous Type vulnerability in Modsecurity Owasp Modsecurity Core Rule SET 3.0.2
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2.
network
low complexity
modsecurity CWE-434
7.5
2019-07-05 CVE-2019-12971 Unrestricted Upload of File with Dangerous Type vulnerability in G-U BKS EBK Ethernet-Buskoppler PRO Firmware
BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type.
network
low complexity
g-u CWE-434
critical
9.8
2019-07-04 CVE-2019-13294 Unrestricted Upload of File with Dangerous Type vulnerability in Arox School-Erp
AROX School-ERP Pro has a command execution vulnerability.
network
low complexity
arox CWE-434
critical
9.8
2019-07-02 CVE-2019-7257 Unrestricted Upload of File with Dangerous Type vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Unrestricted File Upload.
network
low complexity
nortekcontrol CWE-434
critical
10.0