Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-24 | CVE-2021-35290 | Unrestricted Upload of File with Dangerous Type vulnerability in Balero CMS Project Balero CMS 0.8.3 File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to run arbitrary code via rich text editor on /admin/main/mod-blog page. | 7.2 |
| 2023-02-24 | CVE-2021-33224 | Unrestricted Upload of File with Dangerous Type vulnerability in Umbraco Forms 8.7.0 File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file. | 9.8 |
| 2023-02-23 | CVE-2023-24317 | Unrestricted Upload of File with Dangerous Type vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php. | 8.1 |
| 2023-02-22 | CVE-2022-39983 | Unrestricted Upload of File with Dangerous Type vulnerability in Instantdeveloper RD3 22.0.8500 File upload vulnerability in Instantdeveloper RD3 22.0.8500, allows attackers to execute arbitrary code. | 9.8 |
| 2023-02-22 | CVE-2022-41217 | Unrestricted Upload of File with Dangerous Type vulnerability in Hybridsoftware Cloudflow 2.0.0/2.3.1 Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage. | 9.8 |
| 2023-02-22 | CVE-2022-2883 | Unrestricted Upload of File with Dangerous Type vulnerability in Octopus Server In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | 7.5 |
| 2023-02-17 | CVE-2021-35261 | Unrestricted Upload of File with Dangerous Type vulnerability in Bearadmin Project Bearadmin File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint. | 9.8 |
| 2023-02-14 | CVE-2023-22937 | Unrestricted Upload of File with Dangerous Type vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. | 4.3 |
| 2023-02-13 | CVE-2023-24646 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0 An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2023-02-13 | CVE-2023-0255 | Unrestricted Upload of File with Dangerous Type vulnerability in Shortpixel Enable Media Replace The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. | 8.8 |