Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-10 | CVE-2018-9037 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files. | 8.8 |
| 2018-04-10 | CVE-2018-2404 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1 SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation. | 9.8 |
| 2018-04-01 | CVE-2018-9157 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9156 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1 An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. | 7.5 |
| 2018-03-31 | CVE-2015-9259 | Unrestricted Upload of File with Dangerous Type vulnerability in Docker Notary In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. | 9.8 |
| 2018-03-22 | CVE-2018-8944 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.8.338 PHPOK 4.8.338 has an arbitrary file upload vulnerability. | 9.8 |
| 2018-03-22 | CVE-2014-4912 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. | 9.8 |
| 2018-03-18 | CVE-2018-8766 | Unrestricted Upload of File with Dangerous Type vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0 joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add. | 9.8 |
| 2018-03-13 | CVE-2017-16251 | Unrestricted Upload of File with Dangerous Type vulnerability in Mitel St14.2 Ga28 A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. | 8.8 |
| 2018-03-13 | CVE-2018-1000094 | Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.5 CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. | 7.2 |