Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-38887 | Unrestricted Upload of File with Dangerous Type vulnerability in Dolibarr Erp/Crm File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions. | 8.8 |
| 2023-09-20 | CVE-2023-36319 | Unrestricted Upload of File with Dangerous Type vulnerability in Openupload Project Openupload 0.4.3 File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote attacker to execute arbitrary code via the action parameter of the compress-inc.php file. | 8.8 |
| 2023-09-15 | CVE-2023-41626 | Unrestricted Upload of File with Dangerous Type vulnerability in Gradio Project Gradio 3.27.0 Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface. | 4.8 |
| 2023-09-14 | CVE-2023-42180 | Unrestricted Upload of File with Dangerous Type vulnerability in Lenosp Project Lenosp 1.0/1.2.0 An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file. | 8.8 |
| 2023-09-12 | CVE-2023-40784 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.102 DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php. | 9.8 |
| 2023-09-12 | CVE-2023-2071 | Unrestricted Upload of File with Dangerous Type vulnerability in Rockwellautomation Factorytalk View 13.0 Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. | 9.8 |
| 2023-09-08 | CVE-2023-41564 | Unrestricted Upload of File with Dangerous Type vulnerability in Agentejo Cockpit 2.6.3 An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file. | 6.1 |
| 2023-09-07 | CVE-2023-39424 | Unrestricted Upload of File with Dangerous Type vulnerability in Resortdata Internet Reservation Module Next Generation 5.3.2.15 A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. | 8.8 |
| 2023-09-05 | CVE-2023-41009 | Unrestricted Upload of File with Dangerous Type vulnerability in Adlered Bolo-Solo 2.6 File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header. | 9.8 |
| 2023-09-05 | CVE-2023-41108 | Unrestricted Upload of File with Dangerous Type vulnerability in TEF Portal 20230717 TEF portal 2023-07-17 is vulnerable to authenticated remote code execution. | 8.8 |