Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-15 | CVE-2018-12491 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.9.032 PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944. | 9.8 |
| 2018-06-13 | CVE-2011-4183 | Unrestricted Upload of File with Dangerous Type vulnerability in Opensuse Open Build Service A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. | 9.8 |
| 2018-06-13 | CVE-2018-12263 | Unrestricted Upload of File with Dangerous Type vulnerability in Portfoliocms Project Portfoliocms 1.0.5 portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. | 8.8 |
| 2018-06-08 | CVE-2018-1453 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Identity Manager 7.0/7.0.1 IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. | 8.8 |
| 2018-06-08 | CVE-2018-12051 | Unrestricted Upload of File with Dangerous Type vulnerability in Schools Alert Management Script Project Schools Alert Management Script Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type. | 9.8 |
| 2018-06-08 | CVE-2018-12045 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.5/5.6/5.7 DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file. | 9.8 |
| 2018-06-07 | CVE-2018-3758 | Unrestricted Upload of File with Dangerous Type vulnerability in Express-Cart Project Express-Cart Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine. | 8.8 |
| 2018-06-06 | CVE-2018-1265 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. | 7.2 |
| 2018-06-05 | CVE-2018-11736 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck An issue was discovered in Pluck before 4.7.7-dev2. | 9.8 |
| 2018-06-01 | CVE-2018-11196 | Unrestricted Upload of File with Dangerous Type vulnerability in Mahara Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. | 7.5 |