VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Unrestricted Upload of File with Dangerous Type
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-09
CVE-2025-0335
Unrestricted Upload of File with Dangerous Type vulnerability in Fabianros Online Bike Rental System 1.0
A vulnerability was found in code-projects Online Bike Rental System 1.0 and classified as critical.
network
low complexity
fabianros
CWE-434
critical
9.8
9.8
2025-01-08
CVE-2024-12853
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10.
network
low complexity
CWE-434
8.8
8.8
2025-01-08
CVE-2024-12854
The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0.
network
low complexity
CWE-434
8.8
8.8
2025-01-07
CVE-2025-22132
Unrestricted Upload of File with Dangerous Type vulnerability in Wegia
WeGIA is a web manager for charitable institutions.
network
low complexity
wegia
CWE-434
4.8
4.8
2025-01-05
CVE-2024-13138
Unrestricted Upload of File with Dangerous Type vulnerability in Wangl1989 Mysiteforme 1.0
A vulnerability was found in wangl1989 mysiteforme 1.0.
network
low complexity
wangl1989
CWE-434
8.8
8.8
2025-01-04
CVE-2025-0213
Unrestricted Upload of File with Dangerous Type vulnerability in Campcodes Project Management System 1.0
A vulnerability was found in Campcodes Project Management System 1.0.
network
low complexity
campcodes
CWE-434
critical
9.8
9.8
2024-12-24
CVE-2024-10584
Unrestricted Upload of File with Dangerous Type vulnerability in Designinvento Directorypress
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping.
network
low complexity
designinvento
CWE-434
5.4
5.4
2024-12-20
CVE-2024-40695
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.
network
low complexity
CWE-434
8.0
8.0
2024-12-14
CVE-2024-9698
The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'process_uploaded_files' function in all versions up to, and including, 3.3.
network
low complexity
CWE-434
7.2
7.2
2024-12-13
CVE-2024-9290
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3.
network
low complexity
CWE-434
critical
9.8
9.8
«
Previous
1
2
3
4
(current)
5
6
...
196
197
»
Next