Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-03 | CVE-2020-22153 | Unrestricted Upload of File with Dangerous Type vulnerability in Thedaylightstudio Fuel CMS 1.4.6 File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted .php file to the upload parameter in the navigation function. | 9.8 |
2023-06-30 | CVE-2023-32621 | Unrestricted Upload of File with Dangerous Type vulnerability in Wavlink Wl-Wn531Ax2 Firmware WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege. | 7.2 |
2023-06-30 | CVE-2020-18432 | Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 3.7 File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges. | 9.8 |
2023-06-29 | CVE-2023-34738 | Unrestricted Upload of File with Dangerous Type vulnerability in Chemex Chemex through 3.7.1 is vulnerable to arbitrary file upload. | 9.8 |
2023-06-28 | CVE-2023-34736 | Unrestricted Upload of File with Dangerous Type vulnerability in Guantang Equipment Management System Project Guantang Equipment Management System 4.12 Guantang Equipment Management System version 4.12 is vulnerable to Arbitrary File Upload. | 7.2 |
2023-06-28 | CVE-2022-44276 | Unrestricted Upload of File with Dangerous Type vulnerability in Tecrail Responsive Filemanager In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE. | 9.8 |
2023-06-26 | CVE-2023-33404 | Unrestricted Upload of File with Dangerous Type vulnerability in Blogengine Blogengine.Net An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code. | 9.8 |
2023-06-26 | CVE-2020-20210 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.9.2 Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images. | 8.8 |
2023-06-25 | CVE-2023-36630 | Unrestricted Upload of File with Dangerous Type vulnerability in Mgt-Commerce Cloudpanel In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass. | 8.8 |
2023-06-24 | CVE-2023-1721 | Unrestricted Upload of File with Dangerous Type vulnerability in Yoga Class Registration System Project Yoga Class Registration System 1.0 Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. | 7.2 |