Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-19 | CVE-2023-46263 | Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution. | 9.8 |
| 2023-12-19 | CVE-2023-46264 | Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution. | 9.8 |
| 2023-12-18 | CVE-2023-4311 | Unrestricted Upload of File with Dangerous Type vulnerability in Maurice Vrm360 1.2.1 The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. | 8.8 |
| 2023-12-15 | CVE-2023-48376 | Unrestricted Upload of File with Dangerous Type vulnerability in Csharp CWS Collaborative Development Platform 10.25 SmartStar Software CWS is a web-based integration platform, its file uploading function does not restrict upload of file with dangerous type. | 9.8 |
| 2023-12-15 | CVE-2023-6826 | Unrestricted Upload of File with Dangerous Type vulnerability in E2Pdf The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'import_action' function in versions up to, and including, 1.20.25. | 7.2 |
| 2023-12-15 | CVE-2023-6827 | Unrestricted Upload of File with Dangerous Type vulnerability in G5Plus Essential Real Estate The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' function in versions up to, and including, 4.3.5. | 8.8 |
| 2023-12-14 | CVE-2023-50564 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.18 An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file. | 8.8 |
| 2023-12-13 | CVE-2023-6794 | Unrestricted Upload of File with Dangerous Type vulnerability in Paloaltonetworks Pan-Os An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. | 4.7 |
| 2023-12-07 | CVE-2023-4122 | Unrestricted Upload of File with Dangerous Type vulnerability in Imsurajghosh Student Information System 1.0 Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. | 8.8 |
| 2023-12-06 | CVE-2023-39538 | Unrestricted Upload of File with Dangerous Type vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. | 7.8 |