Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-6054 | Unrestricted Upload of File with Dangerous Type vulnerability in Auto-Featured-Image Project Auto-Featured-Image The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. | 8.8 |
| 2024-06-25 | CVE-2024-5008 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE using Apm.UI.Areas.APM.Controllers.Api.Applications.AppProfileImportController. | 8.8 |
| 2024-06-24 | CVE-2024-6280 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |
| 2024-06-21 | CVE-2024-35767 | Unrestricted Upload of File with Dangerous Type vulnerability in Squeeze Project Squeeze Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4. | 7.2 |
| 2024-06-21 | CVE-2023-45197 | Unrestricted Upload of File with Dangerous Type vulnerability in Adminerevo The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table name of “..” to the root of the Adminer directory. | 9.8 |
| 2024-06-19 | CVE-2024-2381 | Unrestricted Upload of File with Dangerous Type vulnerability in Ali2Woo Aliexpress Dropshipping With Alinext The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. | 8.8 |
| 2024-06-18 | CVE-2024-6116 | Unrestricted Upload of File with Dangerous Type vulnerability in Clivedelacruz Simple Online Hotel Reservation System 1.0 A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. | 9.8 |
| 2024-06-18 | CVE-2024-6114 | Unrestricted Upload of File with Dangerous Type vulnerability in Janobe Monbela Tourist INN Online Reservation System 1.0 A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. | 9.8 |
| 2024-06-18 | CVE-2024-6115 | Unrestricted Upload of File with Dangerous Type vulnerability in Clivedelacruz Simple Online Hotel Reservation System 1.0 A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. | 9.8 |
| 2024-06-18 | CVE-2024-6110 | Unrestricted Upload of File with Dangerous Type vulnerability in Janobe Magbanua Beach Resort Online Reservation System 1.0 A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. | 9.8 |