Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2023-25365 | Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October 3.2.0 Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3 | 7.8 |
| 2024-02-08 | CVE-2023-40265 | Unrestricted Upload of File with Dangerous Type vulnerability in Mitel Unify Openscape Xpressions Webassistant An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. | 8.8 |
| 2024-02-08 | CVE-2024-24393 | Unrestricted Upload of File with Dangerous Type vulnerability in Oaooa Pichome 1.1.01 File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute arbitrary code via crafted POST request. | 9.8 |
| 2024-02-08 | CVE-2024-24202 | Unrestricted Upload of File with Dangerous Type vulnerability in Easycorp Zentao, Zentao BIZ and Zentao MAX An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file. | 9.8 |
| 2024-02-08 | CVE-2024-24024 | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). | 9.8 |
| 2024-02-08 | CVE-2024-24025 | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). | 9.8 |
| 2024-02-08 | CVE-2024-24026 | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg(). | 9.8 |
| 2024-02-08 | CVE-2024-24350 | Unrestricted Upload of File with Dangerous Type vulnerability in Softwarepublico E-Sic Livre File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component. | 8.8 |
| 2024-02-07 | CVE-2024-1268 | Unrestricted Upload of File with Dangerous Type vulnerability in Restaurant POS System Project Restaurant POS System 1.0 A vulnerability, which was classified as critical, was found in CodeAstro Restaurant POS System 1.0. | 9.8 |
| 2024-02-07 | CVE-2024-1264 | Unrestricted Upload of File with Dangerous Type vulnerability in Juanpao Jpshop 1.5.02 A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. | 9.8 |