Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-20 | CVE-2019-12744 | Unrestricted Upload of File with Dangerous Type vulnerability in Seeddms SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940. | 7.5 |
| 2019-06-14 | CVE-2019-9842 | Unrestricted Upload of File with Dangerous Type vulnerability in Miniblog Project Miniblog madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension. | 7.2 |
| 2019-06-13 | CVE-2019-10959 | Unrestricted Upload of File with Dangerous Type vulnerability in BD products BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA, The application does not restrict the upload of malicious files during a firmware update. | 10.0 |
| 2019-06-12 | CVE-2019-7838 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. | 9.8 |
| 2019-06-07 | CVE-2019-4069 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM products IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. | 8.8 |
| 2019-06-06 | CVE-2019-4056 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM products IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. | 4.3 |
| 2019-06-05 | CVE-2019-9189 | Unrestricted Upload of File with Dangerous Type vulnerability in Primasystems Flexair 2.3.38 Prima Systems FlexAir, Versions 2.4.9api3 and prior. | 8.8 |
| 2019-06-05 | CVE-2019-9642 | Unrestricted Upload of File with Dangerous Type vulnerability in Pydio An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. | 9.8 |
| 2019-06-05 | CVE-2019-1861 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Industrial Network Director A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. | 7.2 |
| 2019-06-05 | CVE-2019-5357 | Unrestricted Upload of File with Dangerous Type vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 8.8 |