Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-43277 | Unrestricted Upload of File with Dangerous Type vulnerability in Canteen Management System Project Canteen Management System 1.0 Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/php_action/editFile.php. | 7.2 |
| 2022-11-09 | CVE-2022-40797 | Unrestricted Upload of File with Dangerous Type vulnerability in Roxyfileman Roxy Fileman 1.4.6 Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. | 9.8 |
| 2022-11-07 | CVE-2022-43050 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. | 7.2 |
| 2022-11-07 | CVE-2022-43303 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Strings 0.1.0 The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-43304 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Timer 0.1.0 The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-43305 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Python 0.1.0 The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-43306 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Timer 0.1.0 The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 8.8 |
| 2022-11-07 | CVE-2022-44048 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Urls 0.1.0 The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-44049 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Python 0.1.0 The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-44050 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Networking 0.1.0 The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |