Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-17058 Unrestricted Upload of File with Dangerous Type vulnerability in Footy Tipping Software 2019
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.
network
low complexity
footy CWE-434
critical
9.1
2019-11-18 CVE-2019-14467 Unrestricted Upload of File with Dangerous Type vulnerability in Infoway Social Photo Gallery 1.0
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
local
low complexity
infoway CWE-434
7.8
2019-11-13 CVE-2019-18952 Unrestricted Upload of File with Dangerous Type vulnerability in Sibsoft Xfilesharing 2.5.1
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload.
network
low complexity
sibsoft CWE-434
critical
9.8
2019-11-13 CVE-2014-1214 Unrestricted Upload of File with Dangerous Type vulnerability in Projoom Smart Flash Header 3.0.2
views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.
network
low complexity
projoom CWE-434
8.8
2019-11-13 CVE-2010-4661 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
7.8
2019-11-12 CVE-2019-1443 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes. The security update addresses the vulnerability by correcting how SharePoint checks file content, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-434
6.5
2019-11-12 CVE-2019-12719 Unrestricted Upload of File with Dangerous Type vulnerability in AUO Sunveillance Monitoring System & Data Recorder
An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e.
network
low complexity
auo CWE-434
critical
9.8
2019-11-06 CVE-2019-8140 Unrestricted Upload of File with Dangerous Type vulnerability in Magento
An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1.
network
low complexity
magento CWE-434
4.9
2019-11-05 CVE-2019-8114 Unrestricted Upload of File with Dangerous Type vulnerability in Magento
A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1.
network
low complexity
magento CWE-434
7.2
2019-11-05 CVE-2019-8093 Unrestricted Upload of File with Dangerous Type vulnerability in Magento
An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1.
network
low complexity
magento CWE-434
8.8