Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-08 | CVE-2021-33352 | Unrestricted Upload of File with Dangerous Type vulnerability in Wyomind Help Desk An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field. | 9.8 |
| 2023-03-08 | CVE-2023-22890 | Unrestricted Upload of File with Dangerous Type vulnerability in Smartbear Zephyr Enterprise SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition. | 7.5 |
| 2023-03-06 | CVE-2023-26949 | Unrestricted Upload of File with Dangerous Type vulnerability in Onekeyadmin 1.3.9 An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3.9 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2023-03-03 | CVE-2023-25402 | Unrestricted Upload of File with Dangerous Type vulnerability in Yf-Exam Project Yf-Exam 1.8.0 CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. | 7.5 |
| 2023-03-01 | CVE-2023-20009 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. | 7.2 |
| 2023-03-01 | CVE-2023-24045 | Unrestricted Upload of File with Dangerous Type vulnerability in Dataiku Data Science Studio In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request. | 6.5 |
| 2023-02-27 | CVE-2023-24249 | Unrestricted Upload of File with Dangerous Type vulnerability in Laravel-Admin 1.8.19 An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
| 2023-02-27 | CVE-2023-26762 | Unrestricted Upload of File with Dangerous Type vulnerability in Smeup ERP Tokyov6R1M220406 Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability. | 8.8 |
| 2023-02-24 | CVE-2021-35290 | Unrestricted Upload of File with Dangerous Type vulnerability in Balero CMS Project Balero CMS 0.8.3 File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to run arbitrary code via rich text editor on /admin/main/mod-blog page. | 7.2 |
| 2023-02-24 | CVE-2021-33224 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco Forms 8.7.0 File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file. | 9.8 |