Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-16192 Unrestricted Upload of File with Dangerous Type vulnerability in Doccms 2016.5.17
upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allows remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.
network
low complexity
doccms CWE-434
critical
9.8
2019-09-09 CVE-2019-16131 Unrestricted Upload of File with Dangerous Type vulnerability in PHPok Oklite 1.2.25
framework/admin/modulec_control.php in OKLite v1.2.25 has an arbitrary file upload vulnerability because a .php file from a ZIP archive can be written to /data/cache/.
network
low complexity
phpok CWE-434
8.8
2019-09-05 CVE-2019-13187 Unrestricted Upload of File with Dangerous Type vulnerability in Symphonyextensions Rich Text Formatter
The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.
network
low complexity
symphonyextensions CWE-434
critical
9.8
2019-09-04 CVE-2019-13976 Unrestricted Upload of File with Dangerous Type vulnerability in Egain Chat 15.0.3
eGain Chat 15.0.3 allows unrestricted file upload.
network
low complexity
egain CWE-434
critical
9.8
2019-09-04 CVE-2019-15813 Unrestricted Upload of File with Dangerous Type vulnerability in Sentrifugo 3.2
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
network
low complexity
sentrifugo CWE-434
8.8
2019-09-03 CVE-2019-15866 Unrestricted Upload of File with Dangerous Type vulnerability in Crelly Slider Project Crelly Slider
The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.
network
low complexity
crelly-slider-project CWE-434
8.8
2019-08-27 CVE-2017-18592 Unrestricted Upload of File with Dangerous Type vulnerability in Wc-Marketplace WC Catalog Enquiry
The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wp_upload directory for file uploads.
network
low complexity
wc-marketplace CWE-434
7.5
2019-08-27 CVE-2019-15649 Unrestricted Upload of File with Dangerous Type vulnerability in Elearningfreak Insert or Embed Articulate Content
The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload.
network
low complexity
elearningfreak CWE-434
8.8
2019-08-26 CVE-2019-15524 Unrestricted Upload of File with Dangerous Type vulnerability in Cszcms CSZ CMS 1.2.3
CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI.
network
low complexity
cszcms CWE-434
critical
9.8
2019-08-22 CVE-2015-9340 Unrestricted Upload of File with Dangerous Type vulnerability in Iptanus Wordpress File Upload
The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files.
network
low complexity
iptanus CWE-434
7.5