Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-05 | CVE-2018-18934 | Unrestricted Upload of File with Dangerous Type vulnerability in Popojicms 2.0.1 An issue was discovered in PopojiCMS v2.0.1. | 9.8 |
| 2018-11-02 | CVE-2018-1552 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Robotic Process Automation With Automation Anywhere 10/11 IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. | 8.8 |
| 2018-11-01 | CVE-2018-18888 | Unrestricted Upload of File with Dangerous Type vulnerability in Laravelcms Project Laravelcms 20170525/20180402 An issue was discovered in laravelCMS through 2018-04-02. | 9.8 |
| 2018-10-31 | CVE-2018-18874 | Unrestricted Upload of File with Dangerous Type vulnerability in Nconsulting Nc-Cms nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the index.php?action=file_manager_upload URI. | 9.8 |
| 2018-10-30 | CVE-2018-18830 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 4.6.5 An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. | 9.8 |
| 2018-10-29 | CVE-2018-18771 | Unrestricted Upload of File with Dangerous Type vulnerability in Lulucms Lulu CMS 20150514 An issue was discovered in LuLu CMS through 2015-05-14. | 7.5 |
| 2018-10-29 | CVE-2018-18752 | Unrestricted Upload of File with Dangerous Type vulnerability in Webiness Project Webiness Inventory 2.3 Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter. | 9.8 |
| 2018-10-23 | CVE-2018-18475 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. | 9.8 |
| 2018-10-16 | CVE-2018-18382 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderpixel Advanced HRM 1.6 Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action. | 8.8 |
| 2018-10-15 | CVE-2018-18315 | Unrestricted Upload of File with Dangerous Type vulnerability in Mossle Lemon 1.9.0 com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter. | 7.5 |