Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-5524 | Unrestricted Upload of File with Dangerous Type vulnerability in M-Files web Companion 23.8 Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types | 7.3 |
| 2023-10-19 | CVE-2023-45384 | Unrestricted Upload of File with Dangerous Type vulnerability in Knowband Supercheckout 5.0.7 KnowBand supercheckout > 5.0.7 and < 6.0.7 is vulnerable to Unrestricted Upload of File with Dangerous Type. | 9.8 |
| 2023-10-18 | CVE-2023-37502 | Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to lack of file upload security. | 8.8 |
| 2023-10-18 | CVE-2023-46004 | Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Courier Management System 1.0 Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function. | 7.2 |
| 2023-10-17 | CVE-2023-41631 | Unrestricted Upload of File with Dangerous Type vulnerability in Esst Monitoring 2.147.1 eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the file upload function. | 8.8 |
| 2023-10-17 | CVE-2023-45952 | Unrestricted Upload of File with Dangerous Type vulnerability in Lylme Spage 1.7.0 An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 |
| 2023-10-17 | CVE-2023-44824 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Expense Management System 1.0 An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component. | 7.8 |
| 2023-10-17 | CVE-2023-34207 | Unrestricted Upload of File with Dangerous Type vulnerability in Easyuse Mailhunter Ultimate 2020/2023 Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM‘ privilege via a crafted ZIP archive. | 8.8 |
| 2023-10-17 | CVE-2022-22375 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-10-16 | CVE-2023-35018 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. | 7.2 |