Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2017-09-12 CVE-2017-14399 Unrestricted Upload of File with Dangerous Type vulnerability in Blackcat-Cms Blackcat CMS 1.2.2
In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.
network
low complexity
blackcat-cms CWE-434
6.5
2017-09-12 CVE-2017-14346 Unrestricted Upload of File with Dangerous Type vulnerability in Blog Project Blog 20170912
upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
network
low complexity
blog-project CWE-434
7.5
2017-09-12 CVE-2015-9228 Unrestricted Upload of File with Dangerous Type vulnerability in Imagely Nextgen Gallery
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.
network
low complexity
imagely CWE-434
critical
9.0
2017-09-11 CVE-2017-14251 Unrestricted Upload of File with Dangerous Type vulnerability in Typo3
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code.
network
low complexity
typo3 CWE-434
6.5
2017-09-04 CVE-2017-14123 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Firewall Analyzer 12.2
Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section.
network
low complexity
zohocorp CWE-434
critical
9.0
2017-08-31 CVE-2017-14050 Unrestricted Upload of File with Dangerous Type vulnerability in Blackcat-Cms Blackcat CMS 1.2
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.
network
low complexity
blackcat-cms CWE-434
6.5
2017-08-29 CVE-2013-7426 Unrestricted Upload of File with Dangerous Type vulnerability in Kamailio 4.0.11
Insecure temporary file vulnerability in /tmp/kamailio_fifo in Kamailio 4.0.1.
network
low complexity
kamailio CWE-434
7.5
2017-08-29 CVE-2016-0354 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Sametime
IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload a malicious file to a Sametime meeting room; the file could then be downloaded by unsuspecting users and executed with user privileges.
network
ibm CWE-434
6.0
2017-08-28 CVE-2014-9312 Unrestricted Upload of File with Dangerous Type vulnerability in 10Web Photo Gallery 1.2.5
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
network
low complexity
10web CWE-434
6.5
2017-08-25 CVE-2017-9650 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
local
low complexity
automatedlogic carrier CWE-434
4.6