| 2024-11-20 | CVE-2024-51208 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Boat Booking System 1.0
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter. | 7.2 |
| 2024-11-15 | CVE-2024-50652 | Unrestricted Upload of File with Dangerous Type vulnerability in Geeeeeeeek Java Shop 1.0
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function. | 4.3 |
| 2024-11-14 | CVE-2024-11214 | Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. | 7.2 |
| 2024-11-14 | CVE-2024-11211 | Unrestricted Upload of File with Dangerous Type vulnerability in Eyoucms
A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. | 7.2 |
| 2024-11-12 | CVE-2024-11138 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.116
A vulnerability classified as problematic has been found in DedeCMS 5.7.116. | 9.8 |
| 2024-11-11 | CVE-2024-51793 | Unrestricted Upload of File with Dangerous Type vulnerability in Webfulcreations Computer Repair Shop
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair Shop allows Upload a Web Shell to a Web Server.This issue affects Computer Repair Shop: from n/a through 3.8115. | 9.8 |
| 2024-11-10 | CVE-2024-11054 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Simple Music Cloud Community System 1.0
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. | 9.8 |
| 2024-11-09 | CVE-2024-10547 | The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6.2. network low complexity CWE-434 critical | 9.8 |
| 2024-11-09 | CVE-2024-10627 | The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 17.7. network low complexity CWE-434 critical | 9.8 |
| 2024-11-08 | CVE-2024-51152 | Unrestricted Upload of File with Dangerous Type vulnerability in Alexstack Laravel CMS
File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute arbitrary code via the shell.php a component. | 7.2 |