Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-09 | CVE-2019-5395 | Unrestricted Upload of File with Dangerous Type vulnerability in HP 3Par Service Processor Firmware A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 8.8 |
| 2019-08-07 | CVE-2019-14748 | Unrestricted Upload of File with Dangerous Type vulnerability in Osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. | 5.4 |
| 2019-08-02 | CVE-2019-7930 | Unrestricted Upload of File with Dangerous Type vulnerability in Magento A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |
| 2019-08-02 | CVE-2019-7912 | Unrestricted Upload of File with Dangerous Type vulnerability in Magento A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |
| 2019-08-02 | CVE-2019-7861 | Unrestricted Upload of File with Dangerous Type vulnerability in Magento Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.5 |
| 2019-08-02 | CVE-2017-18435 | Unrestricted Upload of File with Dangerous Type vulnerability in Cpanel cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238). | 7.3 |
| 2019-08-01 | CVE-2018-20926 | Unrestricted Upload of File with Dangerous Type vulnerability in Cpanel cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | 6.7 |
| 2019-08-01 | CVE-2018-20925 | Unrestricted Upload of File with Dangerous Type vulnerability in Cpanel cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). | 6.7 |
| 2019-07-31 | CVE-2019-3960 | Unrestricted Upload of File with Dangerous Type vulnerability in Wallaceit Wallacepos 1.4.3 Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file. | 7.2 |
| 2019-07-29 | CVE-2015-5601 | Unrestricted Upload of File with Dangerous Type vulnerability in EDX Edx-Platform edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files. | 8.8 |