Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-20 | CVE-2018-18565 | Unrestricted Upload of File with Dangerous Type vulnerability in Roche products An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial number below KQ0400000 or KS0400000), and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). | 6.8 |
| 2018-11-20 | CVE-2018-18563 | Unrestricted Upload of File with Dangerous Type vulnerability in Roche products An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). | 9.6 |
| 2018-11-19 | CVE-2018-9209 | Unrestricted Upload of File with Dangerous Type vulnerability in Fineuploader PHP-Traditional-Server Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2 | 9.8 |
| 2018-11-19 | CVE-2018-9207 | Unrestricted Upload of File with Dangerous Type vulnerability in Hayageek Jquery Upload File Arbitrary file upload in jQuery Upload File <= 4.0.2 | 9.8 |
| 2018-11-19 | CVE-2018-19355 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). | 9.8 |
| 2018-11-16 | CVE-2018-18793 | Unrestricted Upload of File with Dangerous Type vulnerability in School Event Management System Project School Event Management System 1.0 School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos. | 9.8 |
| 2018-11-15 | CVE-2018-0686 | Unrestricted Upload of File with Dangerous Type vulnerability in NEO Debun Imap and Debun POP Denbun by NEOJAPAN Inc. | 8.8 |
| 2018-11-09 | CVE-2018-19126 | Unrestricted Upload of File with Dangerous Type vulnerability in Prestashop PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload. | 9.8 |
| 2018-11-05 | CVE-2018-9208 | Unrestricted Upload of File with Dangerous Type vulnerability in Tuyoshi Jquery Picture CUT 1.1 Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta | 9.8 |
| 2018-11-05 | CVE-2018-18942 | Unrestricted Upload of File with Dangerous Type vulnerability in Basercms In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter. | 7.2 |