Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-5796 | Unrestricted Upload of File with Dangerous Type vulnerability in Martmbithi POS System 1 A vulnerability was found in CodeAstro POS System 1.0. | 8.8 |
| 2023-10-26 | CVE-2023-5790 | Unrestricted Upload of File with Dangerous Type vulnerability in Remyandrade File Manager APP 1.0 A vulnerability classified as critical was found in SourceCodester File Manager App 1.0. | 9.8 |
| 2023-10-25 | CVE-2023-26578 | Unrestricted Upload of File with Dangerous Type vulnerability in Idattend Idweb 3.1.013 Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP or ASPX, gaining command execution on the affected server. | 8.8 |
| 2023-10-25 | CVE-2023-45554 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms 2.1.9 File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp. | 9.8 |
| 2023-10-25 | CVE-2023-45555 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms 2.1.9 File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file. | 7.8 |
| 2023-10-20 | CVE-2020-36706 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple-Press Simple:Press The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ~/admin/resources/jscript/ajaxupload/sf-uploader.php file in versions up to, and including, 6.6.0. | 9.8 |
| 2023-10-20 | CVE-2023-5524 | Unrestricted Upload of File with Dangerous Type vulnerability in M-Files web Companion 23.8 Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types | 7.3 |
| 2023-10-19 | CVE-2023-45384 | Unrestricted Upload of File with Dangerous Type vulnerability in Knowband Supercheckout 5.0.7 KnowBand supercheckout > 5.0.7 and < 6.0.7 is vulnerable to Unrestricted Upload of File with Dangerous Type. | 9.8 |
| 2023-10-18 | CVE-2023-37502 | Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to lack of file upload security. | 8.8 |
| 2023-10-18 | CVE-2023-46004 | Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Courier Management System 1.0 Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function. | 7.2 |