Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-05 | CVE-2019-10478 | Unrestricted Upload of File with Dangerous Type vulnerability in Glory-Global Rbw-100 Firmware Ispk05027.0.0 An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. | 7.2 |
| 2019-04-01 | CVE-2019-3489 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Content Manager An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. | 7.5 |
| 2019-03-30 | CVE-2019-10652 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore 1.4.7 An issue was discovered in flatCore 1.4.7. | 7.2 |
| 2019-03-30 | CVE-2019-10647 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms Zzzphp 1.6.3 ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. | 9.8 |
| 2019-03-29 | CVE-2019-10276 | Unrestricted Upload of File with Dangerous Type vulnerability in Cobub Razor 0.8.0 Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type. | 9.8 |
| 2019-03-25 | CVE-2019-10012 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. | 7.5 |
| 2019-03-21 | CVE-2019-3495 | Unrestricted Upload of File with Dangerous Type vulnerability in Indionetworks Unibox Firmware An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. | 8.8 |
| 2019-03-21 | CVE-2018-20526 | Unrestricted Upload of File with Dangerous Type vulnerability in Roxyfileman Roxy Fileman 1.4.5 Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php. | 9.8 |
| 2019-03-21 | CVE-2018-19514 | Unrestricted Upload of File with Dangerous Type vulnerability in ENS Webgalamb 6.0/7.0 In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. | 9.8 |
| 2019-03-14 | CVE-2019-9825 | Unrestricted Upload of File with Dangerous Type vulnerability in Feifeicms 4.1.190209 FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature. | 9.8 |