Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-01 | CVE-2023-40980 | Unrestricted Upload of File with Dangerous Type vulnerability in Diaowen Dwsurvey 1.0/3.2.0 File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file. | 9.8 |
| 2023-08-31 | CVE-2023-41637 | Unrestricted Upload of File with Dangerous Type vulnerability in Grupposcai Realgimm 1.1.37 An arbitrary file upload vulnerability in the Carica immagine function of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted HTML file. | 9.8 |
| 2023-08-31 | CVE-2023-41638 | Unrestricted Upload of File with Dangerous Type vulnerability in Grupposcai Realgimm 1.1.37 An arbitrary file upload vulnerability in the Gestione Documentale module of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted file. | 8.8 |
| 2023-08-29 | CVE-2020-18912 | Unrestricted Upload of File with Dangerous Type vulnerability in Earcms EAR 20181124 An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php. | 9.8 |
| 2023-08-28 | CVE-2023-40825 | Unrestricted Upload of File with Dangerous Type vulnerability in Perfree Perfreeblog 3.1.2 An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list. | 7.2 |
| 2023-08-28 | CVE-2023-38029 | Unrestricted Upload of File with Dangerous Type vulnerability in Saho Adm-100 Firmware and Adm-100Fp Firmware Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. | 9.8 |
| 2023-08-25 | CVE-2023-32757 | Unrestricted Upload of File with Dangerous Type vulnerability in Edetw U-Office Force 20.0.7668D e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. | 9.8 |
| 2023-08-22 | CVE-2023-24517 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. | 7.2 |
| 2023-08-21 | CVE-2023-38836 | Unrestricted Upload of File with Dangerous Type vulnerability in Boidcms 2.0.0 File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks. | 8.8 |
| 2023-08-17 | CVE-2023-39970 | Unrestricted Upload of File with Dangerous Type vulnerability in Acyba Acymailing Starter Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. | 9.8 |