Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-42092 | Unrestricted Upload of File with Dangerous Type vulnerability in Backdropcms Backdrop CMS 1.22.0 Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. | 7.2 |
| 2022-10-03 | CVE-2022-40721 | Unrestricted Upload of File with Dangerous Type vulnerability in Creativedream File Uploader Project Creativedream File Uploader 0.3 Arbitrary file upload vulnerability in php uploader | 9.8 |
| 2022-10-03 | CVE-2022-40886 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.98 DedeCMS 5.7.98 has a file upload vulnerability in the background. | 7.2 |
| 2022-09-30 | CVE-2022-40341 | Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0 mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file. | 8.8 |
| 2022-09-30 | CVE-2022-41437 | Unrestricted Upload of File with Dangerous Type vulnerability in Billing System Project Billing System Project 1.0 Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. | 7.2 |
| 2022-09-29 | CVE-2022-40407 | Unrestricted Upload of File with Dangerous Type vulnerability in Chamilo 1.11 A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file. | 8.8 |
| 2022-09-29 | CVE-2021-45790 | Unrestricted Upload of File with Dangerous Type vulnerability in Metersphere 1.15.4 An arbitrary file upload vulnerability was found in Metersphere v1.15.4. | 9.8 |
| 2022-09-29 | CVE-2022-40048 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatpress 1.2.1 Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function. | 7.2 |
| 2022-09-27 | CVE-2022-37346 | Unrestricted Upload of File with Dangerous Type vulnerability in Ec-Cube Product Image Bulk Upload 1.0.0/4.1.0 EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. | 9.8 |
| 2022-09-27 | CVE-2022-40878 | Unrestricted Upload of File with Dangerous Type vulnerability in Exam Reviewer Management System Project Exam Reviewer Management System 1.0 In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE). | 8.8 |