Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-14 | CVE-2023-45856 | Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 9.2 qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI. | 9.8 |
2023-10-11 | CVE-2023-44962 | Unrestricted Upload of File with Dangerous Type vulnerability in Koha-Community Koha Library Software File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component. | 5.3 |
2023-10-10 | CVE-2023-44763 | Unrestricted Upload of File with Dangerous Type vulnerability in Concretecms Concrete CMS 9.2.1 Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). | 5.4 |
2023-10-09 | CVE-2023-43696 | Unrestricted Upload of File with Dangerous Type vulnerability in Sick Apu0200 Firmware Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server. | 9.8 |
2023-10-09 | CVE-2023-45353 | Unrestricted Upload of File with Dangerous Type vulnerability in Atos Unify Openscape Common Management 10 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interface for Authenticated remote upload and creation of arbitrary files affecting the underlying operating system. | 8.8 |
2023-10-06 | CVE-2023-44061 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple and Nice Shopping Cart Script Project Simple and Nice Shopping Cart Script 1.0 File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component. | 8.8 |
2023-10-05 | CVE-2023-43269 | Unrestricted Upload of File with Dangerous Type vulnerability in Pigcms 7.0 pigcms up to 7.0 was discovered to contain an arbitrary file upload vulnerability. | 9.8 |
2023-10-04 | CVE-2023-43321 | Unrestricted Upload of File with Dangerous Type vulnerability in Dcnetworks Dcfw-1800-Sdc Firmware 3.0 File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component. | 8.8 |
2023-10-04 | CVE-2023-43838 | Unrestricted Upload of File with Dangerous Type vulnerability in Personal-Management-System Personal Management System 1.4.64 An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar. | 7.8 |
2023-10-03 | CVE-2023-44973 | Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 2.2.0 An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 9.8 |