Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-30 | CVE-2018-18830 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 4.6.5 An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. | 9.8 |
| 2018-10-29 | CVE-2018-18771 | Unrestricted Upload of File with Dangerous Type vulnerability in Lulucms Lulu CMS 20150514 An issue was discovered in LuLu CMS through 2015-05-14. | 7.5 |
| 2018-10-29 | CVE-2018-18752 | Unrestricted Upload of File with Dangerous Type vulnerability in Webiness Project Webiness Inventory 2.3 Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter. | 9.8 |
| 2018-10-23 | CVE-2018-18475 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. | 9.8 |
| 2018-10-16 | CVE-2018-18382 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderpixel Advanced HRM 1.6 Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action. | 8.8 |
| 2018-10-15 | CVE-2018-18315 | Unrestricted Upload of File with Dangerous Type vulnerability in Mossle Lemon 1.9.0 com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter. | 7.5 |
| 2018-10-11 | CVE-2018-9206 | Unrestricted Upload of File with Dangerous Type vulnerability in Jquery File Upload Project Jquery File Upload Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 | 9.8 |
| 2018-10-09 | CVE-2018-18086 | Unrestricted Upload of File with Dangerous Type vulnerability in Phome Empirecms 7.5 EmpireCMS v7.5 has an arbitrary file upload vulnerability in the LoadInMod function in e/class/moddofun.php, exploitable by logged-in users. | 8.8 |
| 2018-10-08 | CVE-2018-17442 | Unrestricted Upload of File with Dangerous Type vulnerability in Dlink Central Wifimanager An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. | 8.8 |
| 2018-10-08 | CVE-2018-17440 | Unrestricted Upload of File with Dangerous Type vulnerability in Dlink Central Wifimanager An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. | 9.8 |