Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-30 | CVE-2018-16097 | Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. | 6.5 |
| 2018-11-30 | CVE-2018-16093 | Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. | 6.5 |
| 2018-11-29 | CVE-2018-15537 | Unrestricted Upload of File with Dangerous Type vulnerability in Ocsinventory-Ng Ocsinventory NG Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests. | 8.8 |
| 2018-11-29 | CVE-2018-19692 | Unrestricted Upload of File with Dangerous Type vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 An issue was discovered in tp5cms through 2017-05-25. | 9.8 |
| 2018-11-27 | CVE-2018-17936 | Unrestricted Upload of File with Dangerous Type vulnerability in Nuuo CMS NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution. | 9.8 |
| 2018-11-26 | CVE-2018-19562 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.9.015 An issue was discovered in PHPok 4.9.015. | 8.8 |
| 2018-11-26 | CVE-2018-19550 | Unrestricted Upload of File with Dangerous Type vulnerability in Interspire Email Marketer Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI. | 8.8 |
| 2018-11-26 | CVE-2018-19537 | Unrestricted Upload of File with Dangerous Type vulnerability in Tp-Link Archer C5 Firmware 2160201Us TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. | 7.2 |
| 2018-11-22 | CVE-2018-19457 | Unrestricted Upload of File with Dangerous Type vulnerability in Logicspice FAQ Script 2.9.7 Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file. | 7.2 |
| 2018-11-21 | CVE-2018-19424 | Unrestricted Upload of File with Dangerous Type vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files. | 7.2 |