Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-13 | CVE-2017-17593 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple Chatting System Project Simple Chatting System 1.0 Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/. | 7.5 |
| 2017-12-06 | CVE-2017-13156 | Unrestricted Upload of File with Dangerous Type vulnerability in Google Android An elevation of privilege vulnerability in the Android system (art). | 7.8 |
| 2017-11-30 | CVE-2017-12332 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. | 4.4 |
| 2017-11-28 | CVE-2017-15673 | Unrestricted Upload of File with Dangerous Type vulnerability in Cs-Cart The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page. | 7.2 |
| 2017-11-27 | CVE-2017-15054 | Unrestricted Upload of File with Dangerous Type vulnerability in Teampass An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. | 7.5 |
| 2017-11-25 | CVE-2017-16941 | Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a .htaccess file. | 8.8 |
| 2017-11-22 | CVE-2017-2737 | Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Vcm5010 Firmware V100R001C10B010 VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. | 8.8 |
| 2017-11-22 | CVE-2017-2699 | Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Honor 7 Firmware, Lyo-L21 Firmware and Mate S Firmware The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8862 | Unrestricted Upload of File with Dangerous Type vulnerability in Cohuhd 3960Hd Firmware The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges. | 9.8 |
| 2017-11-17 | CVE-2017-1000238 | Unrestricted Upload of File with Dangerous Type vulnerability in Invoiceplane 1.4.10 InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. | 8.8 |