Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-02 | CVE-2018-12426 | Unrestricted Upload of File with Dangerous Type vulnerability in 3CX Live Chat The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type. | 9.8 |
| 2018-07-02 | CVE-2018-12528 | Unrestricted Upload of File with Dangerous Type vulnerability in Intex N150 Firmware An issue was discovered on Intex N150 devices. | 8.1 |
| 2018-07-01 | CVE-2018-13038 | Unrestricted Upload of File with Dangerous Type vulnerability in Opendesa Opensid 18.06Pasca OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. | 9.8 |
| 2018-06-29 | CVE-2018-13024 | Unrestricted Upload of File with Dangerous Type vulnerability in Metinfo 6.0.0 Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. | 7.2 |
| 2018-06-29 | CVE-2018-13021 | Unrestricted Upload of File with Dangerous Type vulnerability in Hongcms Project Hongcms 3.0.0 An issue was discovered in HongCMS 3.0.0. | 7.2 |
| 2018-06-27 | CVE-2018-12914 | Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms 4.0.20180210 A remote code execution issue was discovered in PublicCMS V4.0.20180210. | 9.8 |
| 2018-06-26 | CVE-2018-1000544 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. | 9.8 |
| 2018-06-26 | CVE-2018-0571 | Unrestricted Upload of File with Dangerous Type vulnerability in Basercms baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files. | 4.3 |
| 2018-06-19 | CVE-2018-12519 | Unrestricted Upload of File with Dangerous Type vulnerability in Codenx Shopnx An issue was discovered in ShopNx through 2017-11-17. | 8.8 |
| 2018-06-16 | CVE-2018-11221 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system. | 9.8 |