Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-08 | CVE-2018-16731 | Unrestricted Upload of File with Dangerous Type vulnerability in Chshcms Cscms 4.1 CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data. | 9.8 |
| 2018-09-07 | CVE-2018-0645 | Unrestricted Upload of File with Dangerous Type vulnerability in Bit-Part Mtappjquery 1.8.1 MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors. | 9.8 |
| 2018-09-06 | CVE-2018-1000658 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. | 8.8 |
| 2018-09-03 | CVE-2018-16397 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file, | 4.9 |
| 2018-09-03 | CVE-2018-16373 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. | 4.9 |
| 2018-09-03 | CVE-2018-16370 | Unrestricted Upload of File with Dangerous Type vulnerability in Pescms Team 2.2.1 In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | 9.8 |
| 2018-09-02 | CVE-2018-16352 | Unrestricted Upload of File with Dangerous Type vulnerability in Weaselcms Project Weaselcms 0.3.6 There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used. | 9.8 |
| 2018-08-29 | CVE-2018-15882 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.12. | 9.8 |
| 2018-08-27 | CVE-2015-9263 | Unrestricted Upload of File with Dangerous Type vulnerability in Idera Uptime Infrastructure Monitor 7.4.0/7.5.0 An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). | 9.8 |
| 2018-08-27 | CVE-2014-10074 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco CMS Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files. | 9.8 |