Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-07 | CVE-2022-44051 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Stats 0.1.0 The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-44052 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Dates 0.1.0 The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-44053 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Networking 0.1.0 The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-07 | CVE-2022-44054 | Unrestricted Upload of File with Dangerous Type vulnerability in Democritus D8S-Xml 0.1.0 The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. | 9.8 |
| 2022-11-03 | CVE-2022-43061 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. | 7.2 |
| 2022-11-01 | CVE-2022-43083 | Unrestricted Upload of File with Dangerous Type vulnerability in Vehicle Booking System Project Vehicle Booking System 1.0 An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
| 2022-11-01 | CVE-2022-43085 | Unrestricted Upload of File with Dangerous Type vulnerability in Codeastro Restaurant POS System 1.0 An arbitrary file upload vulnerability in add_product.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
| 2022-10-31 | CVE-2022-41681 | Unrestricted Upload of File with Dangerous Type vulnerability in Formalms There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. | 8.8 |
| 2022-10-31 | CVE-2022-42925 | Unrestricted Upload of File with Dangerous Type vulnerability in Formalms There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the plugin upload component. | 8.8 |
| 2022-10-31 | CVE-2022-40471 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Clinic'S Patient Management System 1.0 Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php | 9.8 |