Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-09 | CVE-2018-16169 | Unrestricted Upload of File with Dangerous Type vulnerability in Cybozu Remote Service Manager 3.0.0/3.0.1/3.1.0 Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors. | 8.8 |
| 2019-01-04 | CVE-2019-5009 | Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. | 7.2 |
| 2019-01-02 | CVE-2018-20166 | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.3.1 A file-upload vulnerability exists in Rukovoditel 2.3.1. | 8.8 |
| 2018-12-28 | CVE-2018-5204 | Unrestricted Upload of File with Dangerous Type vulnerability in Infraware-Global ML Report 2.00.000.0000/2.18.628.5980 ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. | 9.8 |
| 2018-12-28 | CVE-2018-15333 | Unrestricted Upload of File with Dangerous Type vulnerability in F5 products On versions 11.2.1. | 5.5 |
| 2018-12-24 | CVE-2018-7836 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Iiot Monitor 3.1.38 An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files. | 9.8 |
| 2018-12-20 | CVE-2018-1000839 | Unrestricted Upload of File with Dangerous Type vulnerability in Librehealth EHR 2.0.0 LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. | 8.8 |
| 2018-12-20 | CVE-2018-1000811 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.0.0 bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. | 8.8 |
| 2018-12-18 | CVE-2018-19789 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. | 5.3 |
| 2018-12-04 | CVE-2018-6152 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. | 9.6 |