Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-12 | CVE-2018-16974 | Unrestricted Upload of File with Dangerous Type vulnerability in Elefantcms Elefant An issue was discovered in Elefant CMS before 2.0.7. | 9.8 |
| 2018-09-12 | CVE-2018-16388 | Unrestricted Upload of File with Dangerous Type vulnerability in E107 2.1.8 e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type. | 7.2 |
| 2018-09-08 | CVE-2018-16731 | Unrestricted Upload of File with Dangerous Type vulnerability in Chshcms Cscms 4.1 CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data. | 9.8 |
| 2018-09-07 | CVE-2018-0645 | Unrestricted Upload of File with Dangerous Type vulnerability in Bit-Part Mtappjquery 1.8.1 MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors. | 9.8 |
| 2018-09-06 | CVE-2018-1000658 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. | 8.8 |
| 2018-09-03 | CVE-2018-16397 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file, | 4.9 |
| 2018-09-03 | CVE-2018-16373 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. | 4.9 |
| 2018-09-03 | CVE-2018-16370 | Unrestricted Upload of File with Dangerous Type vulnerability in Pescms Team 2.2.1 In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | 9.8 |
| 2018-09-02 | CVE-2018-16352 | Unrestricted Upload of File with Dangerous Type vulnerability in Weaselcms Project Weaselcms 0.3.6 There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used. | 9.8 |
| 2018-08-29 | CVE-2018-15882 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.12. | 9.8 |