Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-15 | CVE-2024-5630 | Unrestricted Upload of File with Dangerous Type vulnerability in Elearningfreak Insert or Embed Articulate Content The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. | 8.8 |
| 2024-07-12 | CVE-2024-40545 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-40546 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-40548 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-40549 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-40550 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-40551 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2024-07-12 | CVE-2024-3112 | Unrestricted Upload of File with Dangerous Type vulnerability in Bestwebsoft Quotes and Tips The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup) | 4.8 |
| 2024-07-08 | CVE-2024-27903 | Unrestricted Upload of File with Dangerous Type vulnerability in Openvpn OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service. | 9.8 |
| 2024-07-01 | CVE-2024-36987 | Unrestricted Upload of File with Dangerous Type vulnerability in Splunk Cloud and Splunk In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint. | 6.5 |