Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-16 | CVE-2023-6850 | Unrestricted Upload of File with Dangerous Type vulnerability in Kodcloud Kodexplorer A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. | 9.8 |
| 2023-12-15 | CVE-2023-48376 | Unrestricted Upload of File with Dangerous Type vulnerability in Csharp CWS Collaborative Development Platform 10.25 SmartStar Software CWS is a web-based integration platform, its file uploading function does not restrict upload of file with dangerous type. | 9.8 |
| 2023-12-15 | CVE-2023-6826 | Unrestricted Upload of File with Dangerous Type vulnerability in E2Pdf The E2Pdf plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'import_action' function in versions up to, and including, 1.20.25. | 7.2 |
| 2023-12-15 | CVE-2023-6827 | Unrestricted Upload of File with Dangerous Type vulnerability in G5Plus Essential Real Estate The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' function in versions up to, and including, 4.3.5. | 8.8 |
| 2023-12-15 | CVE-2023-48371 | Unrestricted Upload of File with Dangerous Type vulnerability in Itpison Omicard EDM 6.0.1.5 ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. | 9.8 |
| 2023-12-14 | CVE-2023-50564 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.18 An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file. | 8.8 |
| 2023-12-13 | CVE-2023-6794 | Unrestricted Upload of File with Dangerous Type vulnerability in Paloaltonetworks Pan-Os An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. | 4.7 |
| 2023-12-13 | CVE-2023-6723 | Unrestricted Upload of File with Dangerous Type vulnerability in Europeana Repox 2.3.7 An unrestricted file upload vulnerability has been identified in Repbox, which allows an attacker to upload malicious files via the transforamationfileupload function, due to the lack of proper file type validation controls, resulting in a full system compromise. | 9.8 |
| 2023-12-07 | CVE-2023-4122 | Unrestricted Upload of File with Dangerous Type vulnerability in Imsurajghosh Student Information System 1.0 Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. | 8.8 |
| 2023-12-07 | CVE-2023-6576 | Unrestricted Upload of File with Dangerous Type vulnerability in Byzoro Smart S210 Firmware 20231121 A vulnerability was found in Byzoro S210 up to 20231123. | 8.8 |