Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-31 | CVE-2017-14050 | Unrestricted Upload of File with Dangerous Type vulnerability in Blackcat-Cms Blackcat CMS 1.2 In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file. | 6.5 |
| 2017-08-29 | CVE-2013-7426 | Unrestricted Upload of File with Dangerous Type vulnerability in Kamailio 4.0.11 Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1. | 7.5 |
| 2017-08-29 | CVE-2016-0354 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Sametime IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload a malicious file to a Sametime meeting room, that could be downloaded by unsuspecting users which could be executed with user privileges. | 6.0 |
| 2017-08-28 | CVE-2014-9312 | Unrestricted Upload of File with Dangerous Type vulnerability in 10Web Photo Gallery 1.2.5 Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. | 6.5 |
| 2017-08-25 | CVE-2017-9650 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | 4.6 |
| 2017-08-11 | CVE-2017-3108 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Experience Manager Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. | 7.5 |
| 2017-08-08 | CVE-2017-11154 | Unrestricted Upload of File with Dangerous Type vulnerability in Synology Photo Station Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter. | 6.5 |
| 2017-08-08 | CVE-2017-12678 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | 6.8 |
| 2017-08-07 | CVE-2015-7571 | Unrestricted Upload of File with Dangerous Type vulnerability in Yeager CMS 1.2.1 Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 6.8 |
| 2017-07-30 | CVE-2017-11756 | Unrestricted Upload of File with Dangerous Type vulnerability in Earcms EAR Music In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to upload the code. | 6.0 |