Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2024-02-08 CVE-2023-40265 Unrestricted Upload of File with Dangerous Type vulnerability in Mitel Unify Openscape Xpressions Webassistant
An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911.
network
low complexity
mitel CWE-434
8.8
8.8
2024-02-08 CVE-2024-24393 Unrestricted Upload of File with Dangerous Type vulnerability in Oaooa Pichome 1.1.01
File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute arbitrary code via crafted POST request.
network
low complexity
oaooa CWE-434
critical
 9.8
9.8
2024-02-08 CVE-2024-24202 Unrestricted Upload of File with Dangerous Type vulnerability in Easycorp Zentao, Zentao BIZ and Zentao MAX
An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.
network
low complexity
easycorp CWE-434
critical
 9.8
9.8
2024-02-08 CVE-2024-24024 Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus
An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload().
network
low complexity
xxyopen CWE-434
critical
 9.8
9.8
2024-02-08 CVE-2024-24025 Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus
An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload().
network
low complexity
xxyopen CWE-434
critical
 9.8
9.8
2024-02-08 CVE-2024-24026 Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus
An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg().
network
low complexity
xxyopen CWE-434
critical
 9.8
9.8
2024-02-08 CVE-2024-24350 Unrestricted Upload of File with Dangerous Type vulnerability in Softwarepublico E-Sic Livre
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component.
network
low complexity
softwarepublico CWE-434
8.8
8.8
2024-02-07 CVE-2024-1264 Unrestricted Upload of File with Dangerous Type vulnerability in Juanpao Jpshop 1.5.02
A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical.
network
low complexity
juanpao CWE-434
critical
 9.8
9.8
2024-02-06 CVE-2024-1262 Unrestricted Upload of File with Dangerous Type vulnerability in Juanpao Jpshop 1.5.02
A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02.
network
low complexity
juanpao CWE-434
critical
 9.8
9.8
2024-02-06 CVE-2024-1263 Unrestricted Upload of File with Dangerous Type vulnerability in Juanpao Jpshop 1.5.02
A vulnerability, which was classified as critical, was found in Juanpao JPShop up to 1.5.02.
network
low complexity
juanpao CWE-434
critical
 9.8
9.8