Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-26 | CVE-2017-17976 | Unrestricted Upload of File with Dangerous Type vulnerability in Perfexcrm Perfex CRM 1.9.7 In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution. | 9.8 |
| 2018-01-26 | CVE-2017-14521 | Unrestricted Upload of File with Dangerous Type vulnerability in Wondercms 2.3.0/2.3.1 In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload. | 8.8 |
| 2018-01-26 | CVE-2018-1342 | Unrestricted Upload of File with Dangerous Type vulnerability in Netiq Access Manager 4.3/4.4 A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. | 9.8 |
| 2018-01-25 | CVE-2018-5997 | Unrestricted Upload of File with Dangerous Type vulnerability in Ravpower Filehub Firmware 2.000.056 An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. | 9.8 |
| 2018-01-23 | CVE-2018-5749 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter. network low complexity premium-minecraft-servers-list-project minecraft-servers-list-lite-project CWE-434 critical | 9.8 |
| 2018-01-23 | CVE-2017-18048 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not. | 8.8 |
| 2018-01-16 | CVE-2018-5724 | Unrestricted Upload of File with Dangerous Type vulnerability in Barni Master IP Camera01 Firmware 3.3.4.2103 MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. | 9.8 |
| 2018-01-12 | CVE-2017-16736 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. | 7.5 |
| 2018-01-08 | CVE-2014-4972 | Unrestricted Upload of File with Dangerous Type vulnerability in Ajax Upload for Gravity Forms Project Ajax Upload for Gravity Forms 1.0/1.1 Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under wp-content/uploads/gravity_forms. | 9.8 |
| 2018-01-05 | CVE-2017-15549 | Unrestricted Upload of File with Dangerous Type vulnerability in EMC products An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. | 8.8 |