Vulnerabilities > Unrestricted Upload of File with Dangerous Type

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR / COMPLEXITY | VENDOR / CWE | RISK |
|---|---|---|---|---|---|---|
| 2018-02-14 | CVE-2017-1499 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM products | IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to include arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable Web server. | network, low complexity | ibm, CWE-434 | 8.8 |
| 2018-02-12 | CVE-2017-9970 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Struxureon Gateway 1.1.3 | A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. | network, low complexity | schneider-electric, CWE-434 | 7.2 |
| 2018-02-12 | CVE-2018-6860 | Unrestricted Upload of File with Dangerous Type vulnerability in Schools Alert Management Script Project Schools Alert Management Script 2.0.2 | Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture. | | | 8.8 |
| 2018-02-02 | CVE-2018-6580 | Unrestricted Upload of File with Dangerous Type vulnerability in Janguo Jimtawl 2.1.6/2.2.5 | Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request. | network, low complexity | janguo, CWE-434 | critical, 9.8 |
| 2018-01-26 | CVE-2017-17976 | Unrestricted Upload of File with Dangerous Type vulnerability in Perfexcrm Perfex CRM 1.9.7 | In Utilities.php in Perfex CRM 1.9.7, unrestricted file upload can lead to remote code execution. | network, low complexity | perfexcrm, CWE-434 | critical, 9.8 |
| 2018-01-26 | CVE-2017-14521 | Unrestricted Upload of File with Dangerous Type vulnerability in Wondercms 2.3.0/2.3.1 | In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious file upload. | network, low complexity | wondercms, CWE-434 | 8.8 |
| 2018-01-26 | CVE-2018-1342 | Unrestricted Upload of File with Dangerous Type vulnerability in Netiq Access Manager 4.3/4.4 | A vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. | network, low complexity | netiq, CWE-434 | critical, 9.8 |
| 2018-01-25 | CVE-2018-5997 | Unrestricted Upload of File with Dangerous Type vulnerability in Ravpower Filehub Firmware 2.000.056 | An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. | network, low complexity | ravpower, CWE-434 | critical, 9.8 |
| 2018-01-23 | CVE-2018-5749 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products | install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter. | | | 9.8 |
| 2018-01-23 | CVE-2017-18048 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 | Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not. | network, low complexity | monstra, CWE-434 | 8.8 |