Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-12 | CVE-2023-26852 | Unrestricted Upload of File with Dangerous Type vulnerability in Textpattern An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file. | 7.2 |
| 2023-04-11 | CVE-2020-19802 | Unrestricted Upload of File with Dangerous Type vulnerability in Doyocms Project Doyocms 2.3 File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter. | 9.8 |
| 2023-04-11 | CVE-2023-27179 | Unrestricted Upload of File with Dangerous Type vulnerability in Gdidees CMS 3.9.1 GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. | 7.5 |
| 2023-04-10 | CVE-2023-27178 | Unrestricted Upload of File with Dangerous Type vulnerability in Gdidees CMS 3.9.1 An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. | 9.8 |
| 2023-04-10 | CVE-2023-29375 | Unrestricted Upload of File with Dangerous Type vulnerability in Progress Sitefinity An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. | 9.8 |
| 2023-04-10 | CVE-2023-1406 | Unrestricted Upload of File with Dangerous Type vulnerability in Crocoblock Jetengine for Elementor The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability. | 8.8 |
| 2023-04-07 | CVE-2023-27033 | Unrestricted Upload of File with Dangerous Type vulnerability in Cdesigner Project Cdesigner 3.1.3/3.2.1 Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent(). | 9.8 |
| 2023-04-05 | CVE-2023-24720 | Unrestricted Upload of File with Dangerous Type vulnerability in Readium Readium-Js 0.32.0 An arbitrary file upload vulnerability in readium-js v0.32.0 allows attackers to execute arbitrary code via uploading a crafted EPUB file. | 9.8 |
| 2023-04-05 | CVE-2023-0670 | Unrestricted Upload of File with Dangerous Type vulnerability in Ulearn Project Ulearn Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. | 7.2 |
| 2023-04-05 | CVE-2023-20134 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. | 6.5 |