Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-37555 | Unrestricted Upload of File with Dangerous Type vulnerability in Zealousweb Generate PDF Using Contact Form 7 Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7.This issue affects Generate PDF using Contact Form 7: from n/a through 4.0.6. | 9.8 |
| 2024-07-09 | CVE-2024-5441 | Unrestricted Upload of File with Dangerous Type vulnerability in Webnus Modern Events Calendar The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_featured_image function in all versions up to, and including, 7.11.0. | 8.8 |
| 2024-07-09 | CVE-2024-34692 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Enable NOW Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. | 4.6 |
| 2024-07-08 | CVE-2024-27903 | Unrestricted Upload of File with Dangerous Type vulnerability in Openvpn OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service. | 9.8 |
| 2024-07-04 | CVE-2024-6318 | Unrestricted Upload of File with Dangerous Type vulnerability in Wbolt Imgspider The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_img_file' function in all versions up to, and including, 2.3.10. | 8.8 |
| 2024-07-04 | CVE-2024-6319 | Unrestricted Upload of File with Dangerous Type vulnerability in Wbolt Imgspider The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 2.3.10. | 8.8 |
| 2024-07-02 | CVE-2024-6439 | Unrestricted Upload of File with Dangerous Type vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. | 9.8 |
| 2024-07-01 | CVE-2024-36987 | Unrestricted Upload of File with Dangerous Type vulnerability in Splunk Cloud and Splunk In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint. | 6.5 |
| 2024-07-01 | CVE-2024-3123 | CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. | 7.2 |
| 2024-06-27 | CVE-2024-6373 | Unrestricted Upload of File with Dangerous Type vulnerability in Kevinwong Online Food Ordering System 1.0 A vulnerability has been found in itsourcecode Online Food Ordering System up to 1.0 and classified as critical. | 9.8 |