Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-48008 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey 5.4.15 An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2023-01-26 | CVE-2022-47042 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.10/5.2.8/5.2.9 MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do. | 8.8 |
| 2023-01-26 | CVE-2022-47615 | Unrestricted Upload of File with Dangerous Type vulnerability in Thimpress Learnpress Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | 9.8 |
| 2023-01-26 | CVE-2022-40035 | Unrestricted Upload of File with Dangerous Type vulnerability in Blog-Ssm Project Blog-Ssm 1.0 File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component. | 8.8 |
| 2023-01-26 | CVE-2022-40037 | Unrestricted Upload of File with Dangerous Type vulnerability in Javaweb Blog Project Javaweb Blog 1.0 An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile. | 9.8 |
| 2023-01-26 | CVE-2022-3478 | Unrestricted Upload of File with Dangerous Type vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. | 4.3 |
| 2023-01-20 | CVE-2021-26642 | Unrestricted Upload of File with Dangerous Type vulnerability in Xpressengine When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. | 9.8 |
| 2023-01-20 | CVE-2023-20040 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Network Services Orchestrator A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. | 5.5 |
| 2023-01-19 | CVE-2022-47766 | Unrestricted Upload of File with Dangerous Type vulnerability in Popojicms 2.0.1 PopojiCMS v2.0.1 backend plugin function has a file upload vulnerability. | 8.8 |
| 2023-01-14 | CVE-2023-22851 | Unrestricted Upload of File with Dangerous Type vulnerability in Tiki Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call. | 7.2 |