Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-17 | CVE-2023-39548 | Unrestricted Upload of File with Dangerous Type vulnerability in NEC products CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | 8.8 |
| 2023-11-17 | CVE-2023-48031 | Unrestricted Upload of File with Dangerous Type vulnerability in Opensupports 4.11.0 OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. | 9.8 |
| 2023-11-15 | CVE-2023-6133 | Unrestricted Upload of File with Dangerous Type vulnerability in Incsub Forminator The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient blacklisting on the 'forminator_allowed_mime_types' function in versions up to, and including, 1.27.0. | 4.9 |
| 2023-11-14 | CVE-2023-48217 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. | 8.8 |
| 2023-11-13 | CVE-2023-47621 | Unrestricted Upload of File with Dangerous Type vulnerability in Duncanmcclean Guest Entries Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. | 8.8 |
| 2023-11-10 | CVE-2023-47129 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statmic is a core Laravel content management system Composer package. | 9.8 |
| 2023-11-07 | CVE-2023-42659 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress WS FTP Server In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. | 8.8 |
| 2023-11-07 | CVE-2023-33480 | Unrestricted Upload of File with Dangerous Type vulnerability in Remoteclinic Remote Clinic 2.0 RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. | 8.8 |
| 2023-11-06 | CVE-2023-5601 | Unrestricted Upload of File with Dangerous Type vulnerability in Atomicwebstrategy Woocommerce Ninja Forms Product Add-Ons The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE. | 9.8 |
| 2023-11-03 | CVE-2023-41725 | Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability | 7.8 |