Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2023-10-17 CVE-2023-41631 Unrestricted Upload of File with Dangerous Type vulnerability in Esst Monitoring 2.147.1
eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the file upload function.
network
low complexity
esst CWE-434
8.8
2023-10-17 CVE-2023-45952 Unrestricted Upload of File with Dangerous Type vulnerability in Lylme Spage 1.7.0
An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
lylme CWE-434
critical
9.8
2023-10-17 CVE-2023-44824 Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Expense Management System 1.0
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component.
local
low complexity
oretnom23 CWE-434
7.8
2023-10-17 CVE-2023-34207 Unrestricted Upload of File with Dangerous Type vulnerability in Easyuse Mailhunter Ultimate 2020/2023
Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM’ privilege via a crafted ZIP archive.
network
low complexity
easyuse CWE-434
8.8
2023-10-17 CVE-2022-22375 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Privilege On-Premises
IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-434
8.8
2023-10-16 CVE-2023-35018 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0/10.0.1
IBM Security Verify Governance 10.0 could allow a privileged user to upload arbitrary files due to improper file validation.
network
low complexity
ibm CWE-434
7.2
2023-10-14 CVE-2023-45856 Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 9.2
qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.
network
low complexity
qdpm CWE-434
critical
9.8
2023-10-11 CVE-2023-44962 Unrestricted Upload of File with Dangerous Type vulnerability in Koha-Community Koha Library Software
File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component.
network
low complexity
koha-community CWE-434
5.3
2023-10-10 CVE-2023-44763 Unrestricted Upload of File with Dangerous Type vulnerability in Concretecms Concrete CMS 9.2.1
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS).
network
low complexity
concretecms CWE-434
5.4
2023-10-09 CVE-2023-43696 Unrestricted Upload of File with Dangerous Type vulnerability in Sick Apu0200 Firmware
Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server.
network
low complexity
sick CWE-434
critical
9.8