Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-07 | CVE-2024-5745 | Unrestricted Upload of File with Dangerous Type vulnerability in Bakery Online Ordering System Project Bakery Online Ordering System 1.0 A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. | 9.8 |
| 2024-06-07 | CVE-2024-5734 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Discussion Forum Project Online Discussion Forum 1.0 A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. | 8.8 |
| 2024-06-06 | CVE-2024-36774 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 7.2 |
| 2024-06-06 | CVE-2024-5278 | Unrestricted Upload of File with Dangerous Type vulnerability in Gaizhenbiao Chuanhuchatgpt gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its `/upload` endpoint. | 6.1 |
| 2024-06-04 | CVE-2024-36858 | Unrestricted Upload of File with Dangerous Type vulnerability in Homebrew JAN 0.4.12 An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
| 2024-06-04 | CVE-2024-37273 | Unrestricted Upload of File with Dangerous Type vulnerability in Homebrew JAN 0.4.12 An arbitrary file upload vulnerability in the /v1/app/appendFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
| 2024-06-04 | CVE-2024-29974 | ** UNSUPPORTED WHEN ASSIGNED ** The remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device. | 9.8 |
| 2024-05-28 | CVE-2022-45171 | Unrestricted Upload of File with Dangerous Type vulnerability in Liveboxcloud Vdesk 018 An issue was discovered in LIVEBOX Collaboration vDesk through v018. | 8.8 |
| 2024-05-15 | CVE-2024-34906 | Unrestricted Upload of File with Dangerous Type vulnerability in Dootask 0.30.13 An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file. | 5.4 |
| 2024-05-15 | CVE-2024-34909 | Unrestricted Upload of File with Dangerous Type vulnerability in Kykms An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute arbitrary code via uploading a crafted PDF file. | 5.4 |