Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-01 | CVE-2023-40980 | Unrestricted Upload of File with Dangerous Type vulnerability in Diaowen Dwsurvey 1.0/3.2.0 File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file. | 9.8 |
| 2023-08-31 | CVE-2023-41637 | Unrestricted Upload of File with Dangerous Type vulnerability in Grupposcai Realgimm 1.1.37 An arbitrary file upload vulnerability in the Carica immagine function of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted HTML file. | 9.8 |
| 2023-08-31 | CVE-2023-41638 | Unrestricted Upload of File with Dangerous Type vulnerability in Grupposcai Realgimm 1.1.37 An arbitrary file upload vulnerability in the Gestione Documentale module of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2023-08-29 | CVE-2020-18912 | Unrestricted Upload of File with Dangerous Type vulnerability in Earcms EAR 20181124 An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php. | 9.8 |
| 2023-08-28 | CVE-2023-40825 | Unrestricted Upload of File with Dangerous Type vulnerability in Perfree Perfreeblog 3.1.2 An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list. | 7.2 |
| 2023-08-21 | CVE-2023-38836 | Unrestricted Upload of File with Dangerous Type vulnerability in Boidcms 2.0.0 File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks. | 8.8 |
| 2023-08-17 | CVE-2023-39970 | Unrestricted Upload of File with Dangerous Type vulnerability in Acyba Acymailing Starter Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. | 9.8 |
| 2023-08-17 | CVE-2023-31941 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | 7.2 |
| 2023-08-17 | CVE-2023-31946 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | 7.2 |
| 2023-08-16 | CVE-2023-39115 | Unrestricted Upload of File with Dangerous Type vulnerability in Campcodes Complete Online Matrimonial Website System Script 3.3 install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document. | 9.8 |