Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-10 | CVE-2018-19453 | Unrestricted Upload of File with Dangerous Type vulnerability in Kentico CMS Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | 8.8 |
| 2019-04-10 | CVE-2019-4013 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. | 9.9 |
| 2019-04-09 | CVE-2019-3940 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. | 9.8 |
| 2019-04-09 | CVE-2019-11028 | Unrestricted Upload of File with Dangerous Type vulnerability in Gatship web Module 1.30/1.39 GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. | 8.8 |
| 2019-04-05 | CVE-2019-10478 | Unrestricted Upload of File with Dangerous Type vulnerability in Glory-Global Rbw-100 Firmware Ispk05027.0.0 An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. | 7.2 |
| 2019-04-01 | CVE-2019-3489 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Content Manager An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. | 7.5 |
| 2019-03-30 | CVE-2019-10652 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore 1.4.7 An issue was discovered in flatCore 1.4.7. | 7.2 |
| 2019-03-30 | CVE-2019-10647 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms Zzzphp 1.6.3 ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. | 9.8 |
| 2019-03-29 | CVE-2019-10276 | Unrestricted Upload of File with Dangerous Type vulnerability in Cobub Razor 0.8.0 Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type. | 9.8 |
| 2019-03-25 | CVE-2019-10012 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. | 7.5 |