Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-6054 | Unrestricted Upload of File with Dangerous Type vulnerability in Auto-Featured-Image Project Auto-Featured-Image The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. | 8.8 |
| 2024-06-21 | CVE-2024-35767 | Unrestricted Upload of File with Dangerous Type vulnerability in Squeeze Project Squeeze Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4. | 7.2 |
| 2024-06-21 | CVE-2023-45197 | Unrestricted Upload of File with Dangerous Type vulnerability in Adminerevo The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table name of “..” to the root of the Adminer directory. | 9.8 |
| 2024-06-14 | CVE-2024-3912 | Certain models of ASUS routers have an arbitrary firmware upload vulnerability. | 9.8 |
| 2024-06-14 | CVE-2024-31161 | The upload functionality of ASUS Download Master does not properly filter user input. | 7.2 |
| 2024-06-13 | CVE-2024-34110 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. | 7.2 |
| 2024-06-10 | CVE-2024-36415 | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 8.8 |
| 2024-06-10 | CVE-2024-35746 | Unrestricted Upload of File with Dangerous Type vulnerability in Buddypress Cover Project Buddypress Cover 2.1.4.2 Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2. | 9.8 |
| 2024-06-07 | CVE-2024-5734 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Discussion Forum Project Online Discussion Forum 1.0 A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. | 8.8 |
| 2024-06-06 | CVE-2024-36774 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 7.2 |