Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-17046 | Unrestricted Upload of File with Dangerous Type vulnerability in Ilch CMS 2.1.22 Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page. | 7.2 |
| 2019-09-26 | CVE-2019-15862 | Unrestricted Upload of File with Dangerous Type vulnerability in Cksource Ckfinder An issue was discovered in CKFinder through 2.6.2.1. | 7.5 |
| 2019-09-23 | CVE-2019-16720 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms Zzzphp 1.7.2 ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file. | 7.5 |
| 2019-09-20 | CVE-2015-9402 | Unrestricted Upload of File with Dangerous Type vulnerability in Usersultra Users Ultra Membership The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. | 8.8 |
| 2019-09-20 | CVE-2019-14916 | Unrestricted Upload of File with Dangerous Type vulnerability in Prise Adas 1.7.0 An issue was discovered in PRiSE adAS 1.7.0. | 6.5 |
| 2019-09-18 | CVE-2019-14252 | Unrestricted Upload of File with Dangerous Type vulnerability in Publisure 2.1.2 An issue was discovered in the secure portal in Publisure 2.1.2. | 7.2 |
| 2019-09-18 | CVE-2019-15843 | Unrestricted Upload of File with Dangerous Type vulnerability in MI Xiaomi Millet Firmware 16.3.9.3 A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. | 7.4 |
| 2019-09-18 | CVE-2016-10995 | Unrestricted Upload of File with Dangerous Type vulnerability in Templatic Telvolution The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php. | 9.8 |
| 2019-09-17 | CVE-2019-6839 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric products A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file. | 8.8 |
| 2019-09-17 | CVE-2019-15131 | Unrestricted Upload of File with Dangerous Type vulnerability in Code42 In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. | 9.8 |