Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-20 | CVE-2018-1000839 | Unrestricted Upload of File with Dangerous Type vulnerability in Librehealth EHR 2.0.0 LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. | 8.8 |
| 2018-12-20 | CVE-2018-1000811 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.0.0 bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. | 8.8 |
| 2018-12-18 | CVE-2018-19789 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. | 5.3 |
| 2018-12-04 | CVE-2018-6152 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. | 9.6 |
| 2018-11-30 | CVE-2018-16097 | Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. | 6.5 |
| 2018-11-30 | CVE-2018-16093 | Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. | 6.5 |
| 2018-11-29 | CVE-2018-15537 | Unrestricted Upload of File with Dangerous Type vulnerability in Ocsinventory-Ng Ocsinventory NG Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests. | 8.8 |
| 2018-11-29 | CVE-2018-19692 | Unrestricted Upload of File with Dangerous Type vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 An issue was discovered in tp5cms through 2017-05-25. | 9.8 |
| 2018-11-27 | CVE-2018-17936 | Unrestricted Upload of File with Dangerous Type vulnerability in Nuuo CMS NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution. | 9.8 |
| 2018-11-26 | CVE-2018-19562 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.9.015 An issue was discovered in PHPok 4.9.015. | 8.8 |