Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-22 | CVE-2024-22895 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.112 DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php. | 8.8 |
2024-01-20 | CVE-2023-51924 | Unrestricted Upload of File with Dangerous Type vulnerability in Yonyou Yonbip 323.05 An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
2024-01-20 | CVE-2023-51925 | Unrestricted Upload of File with Dangerous Type vulnerability in Yonyou Yonbip 323.05 An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
2024-01-20 | CVE-2021-31314 | Unrestricted Upload of File with Dangerous Type vulnerability in Ejinshan Terminal Security System 8.0 File upload vulnerability in ejinshan v8+ terminal security system allows attackers to upload arbitrary files to arbitrary locations on the server. | 9.8 |
2024-01-20 | CVE-2023-51928 | Unrestricted Upload of File with Dangerous Type vulnerability in Yonyou Yonbip 323.05 An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
2024-01-19 | CVE-2023-27168 | Unrestricted Upload of File with Dangerous Type vulnerability in Xpand-It Write-Back Manager 2.3.1 An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file. | 9.8 |
2024-01-19 | CVE-2024-0713 | Unrestricted Upload of File with Dangerous Type vulnerability in Monitorr 1.7.6M A vulnerability was found in Monitorr 1.7.6m. | 8.8 |
2024-01-18 | CVE-2023-40051 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress Openedge and Openedge Innovation This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. | 9.9 |
2024-01-16 | CVE-2022-1538 | Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import 1.1.1 Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed. | 7.2 |
2024-01-16 | CVE-2023-4536 | Unrestricted Upload of File with Dangerous Type vulnerability in Koalaapps MY Account Page Editor The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to be uploaded, allowing any authenticated users, such as subscriber to upload arbitrary files to the server, leading to RCE | 8.8 |