Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-11401 | Unrestricted Upload of File with Dangerous Type vulnerability in Siteserver CMS 6.9.0 A issue was discovered in SiteServer CMS 6.9.0. | 7.2 |
| 2019-04-20 | CVE-2019-11377 | Unrestricted Upload of File with Dangerous Type vulnerability in Wcms 0.3.2 wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function. | 8.8 |
| 2019-04-19 | CVE-2019-11344 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.8 data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked. | 9.8 |
| 2019-04-18 | CVE-2019-11223 | Unrestricted Upload of File with Dangerous Type vulnerability in Supportcandy An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 9.8 |
| 2019-04-10 | CVE-2018-19453 | Unrestricted Upload of File with Dangerous Type vulnerability in Kentico CMS Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | 8.8 |
| 2019-04-10 | CVE-2019-4013 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. | 9.9 |
| 2019-04-09 | CVE-2019-3940 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. | 9.8 |
| 2019-04-09 | CVE-2019-11028 | Unrestricted Upload of File with Dangerous Type vulnerability in Gatship web Module 1.30/1.39 GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. | 8.8 |
| 2019-04-05 | CVE-2019-10478 | Unrestricted Upload of File with Dangerous Type vulnerability in Glory-Global Rbw-100 Firmware Ispk05027.0.0 An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. | 7.2 |
| 2019-04-01 | CVE-2019-3489 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Content Manager An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. | 7.5 |