Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-17 | CVE-2023-48031 | Unrestricted Upload of File with Dangerous Type vulnerability in Opensupports 4.11.0 OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. | 9.8 |
| 2023-11-15 | CVE-2023-6133 | Unrestricted Upload of File with Dangerous Type vulnerability in Incsub Forminator The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient blacklisting on the 'forminator_allowed_mime_types' function in versions up to, and including, 1.27.0. | 4.9 |
| 2023-11-14 | CVE-2023-48217 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. | 8.8 |
| 2023-11-13 | CVE-2023-47621 | Unrestricted Upload of File with Dangerous Type vulnerability in Duncanmcclean Guest Entries Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. | 8.8 |
| 2023-11-10 | CVE-2023-47129 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statmic is a core Laravel content management system Composer package. | 9.8 |
| 2023-11-07 | CVE-2023-42659 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress WS FTP Server In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. | 8.8 |
| 2023-11-07 | CVE-2023-33480 | Unrestricted Upload of File with Dangerous Type vulnerability in Remoteclinic Remote Clinic 2.0 RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. | 8.8 |
| 2023-11-06 | CVE-2023-5601 | Unrestricted Upload of File with Dangerous Type vulnerability in Atomicwebstrategy Woocommerce Ninja Forms Product Add-Ons The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE. | 9.8 |
| 2023-11-03 | CVE-2023-41725 | Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Avalanche Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability | 7.8 |
| 2023-11-03 | CVE-2023-41357 | Unrestricted Upload of File with Dangerous Type vulnerability in GSS Vitals Enterprise Social Platform 3.0.8 Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it has insufficient filtering and validation during file upload. | 8.8 |