Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-11446 | Unrestricted Upload of File with Dangerous Type vulnerability in Atutor An issue was discovered in ATutor through 2.2.4. | 8.8 |
| 2019-04-22 | CVE-2019-11445 | Unrestricted Upload of File with Dangerous Type vulnerability in Openkm OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repository_export.jsp. | 7.2 |
| 2019-04-22 | CVE-2019-11401 | Unrestricted Upload of File with Dangerous Type vulnerability in Siteserver CMS 6.9.0 A issue was discovered in SiteServer CMS 6.9.0. | 7.2 |
| 2019-04-20 | CVE-2019-11377 | Unrestricted Upload of File with Dangerous Type vulnerability in Wcms 0.3.2 wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function. | 8.8 |
| 2019-04-19 | CVE-2019-11344 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.8 data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked. | 9.8 |
| 2019-04-18 | CVE-2019-11223 | Unrestricted Upload of File with Dangerous Type vulnerability in Supportcandy An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 9.8 |
| 2019-04-10 | CVE-2018-19453 | Unrestricted Upload of File with Dangerous Type vulnerability in Kentico CMS Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | 8.8 |
| 2019-04-10 | CVE-2019-4013 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. | 9.9 |
| 2019-04-09 | CVE-2019-3940 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. | 9.8 |
| 2019-04-09 | CVE-2019-11028 | Unrestricted Upload of File with Dangerous Type vulnerability in Gatship web Module 1.30/1.39 GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. | 8.8 |