Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK

2017-10-29 CVE-2017-15957 Unrestricted Upload of File with Dangerous Type vulnerability in Ingenious School Management System Project Ingenious School Management System 2.3.0
my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.
8.8

2017-10-23 CVE-2011-4334 Unrestricted Upload of File with Dangerous Type vulnerability in Labwiki Project Labwiki
edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.
network
low complexity
labwiki-project CWE-434
8.8

2017-10-23 CVE-2017-15580 Unrestricted Upload of File with Dangerous Type vulnerability in Osticket 1.10.1
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats.
network
low complexity
osticket CWE-434
critical
9.8

2017-10-17 CVE-2014-2664 Unrestricted Upload of File with Dangerous Type vulnerability in X2Engine X2Crm
Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
network
low complexity
x2engine CWE-434
8.8

2017-10-16 CVE-2015-2780 Unrestricted Upload of File with Dangerous Type vulnerability in Berta CMS
Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
network
low complexity
berta CWE-434
critical
9.8

2017-10-05 CVE-2017-1000119 Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October 1.0.412
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server.
network
low complexity
octobercms CWE-434
7.2

2017-10-04 CVE-2017-12617 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g.
network
high complexity
apache canonical oracle debian netapp redhat CWE-434
8.1

2017-10-03 CVE-2017-6090 Unrestricted Upload of File with Dangerous Type vulnerability in PHPcollab 2.5/2.5.1
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.
network
low complexity
phpcollab CWE-434
8.8

2017-10-02 CVE-2017-14958 Unrestricted Upload of File with Dangerous Type vulnerability in Pivotx 2.3.11
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
network
low complexity
pivotx CWE-434
7.2

2017-09-30 CVE-2017-13982 Unrestricted Upload of File with Dangerous Type vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files.
network
low complexity
hp CWE-434
8.8