Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-26098 | Unrestricted Upload of File with Dangerous Type vulnerability in Telindus Apsal 3.14.2022.235B An issue was discovered in the Open Document feature in Telindus Apsal 3.14.2022.235 b. | 7.8 |
| 2023-04-24 | CVE-2023-25132 | Unrestricted Upload of File with Dangerous Type vulnerability in Cyberpower Powerpanel 4.8.6 Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors. | 9.8 |
| 2023-04-23 | CVE-2023-2246 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Pizza Ordering System Project Online Pizza Ordering System 1.0 A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. | 9.8 |
| 2023-04-17 | CVE-2023-28962 | Unrestricted Upload of File with Dangerous Type vulnerability in Juniper Junos An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. | 9.8 |
| 2023-04-17 | CVE-2023-27755 | Unrestricted Upload of File with Dangerous Type vulnerability in 71Note Go-Bbs 1.0 go-bbs v1 was discovered to contain an arbitrary file download vulnerability via the component /api/v1/download. | 8.8 |
| 2023-04-16 | CVE-2022-34128 | Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Positions The Cartography (aka positions) plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php. | 9.8 |
| 2023-04-14 | CVE-2023-29621 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 8.8 |
| 2023-04-14 | CVE-2023-29625 | Unrestricted Upload of File with Dangerous Type vulnerability in Employee Performance Evaluation System Project Employee Performance Evaluation System 1.0 Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 8.8 |
| 2023-04-14 | CVE-2023-29627 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Pizza Ordering Project Online Pizza Ordering 1.0 Online Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 8.8 |
| 2023-04-14 | CVE-2023-2034 | Unrestricted Upload of File with Dangerous Type vulnerability in Froxlor Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14. | 8.8 |