Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-41379 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Leave Management System Project Online Leave Management System 1.0 An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
| 2022-10-07 | CVE-2022-41512 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Diagnostic LAB Management System Project Online Diagnostic LAB Management System 1.0 An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
| 2022-10-07 | CVE-2022-42092 | Unrestricted Upload of File with Dangerous Type vulnerability in Backdropcms Backdrop CMS 1.22.0 Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. | 7.2 |
| 2022-10-03 | CVE-2022-40721 | Unrestricted Upload of File with Dangerous Type vulnerability in Creativedream File Uploader Project Creativedream File Uploader 0.3 Arbitrary file upload vulnerability in php uploader | 9.8 |
| 2022-10-03 | CVE-2022-40886 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.98 DedeCMS 5.7.98 has a file upload vulnerability in the background. | 7.2 |
| 2022-09-30 | CVE-2022-40341 | Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0 mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file. | 8.8 |
| 2022-09-30 | CVE-2022-41437 | Unrestricted Upload of File with Dangerous Type vulnerability in Billing System Project Billing System Project 1.0 Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. | 7.2 |
| 2022-09-29 | CVE-2022-40407 | Unrestricted Upload of File with Dangerous Type vulnerability in Chamilo 1.11 A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file. | 8.8 |
| 2022-09-29 | CVE-2021-45790 | Unrestricted Upload of File with Dangerous Type vulnerability in Metersphere 1.15.4 An arbitrary file upload vulnerability was found in Metersphere v1.15.4. | 9.8 |
| 2022-09-29 | CVE-2022-40048 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatpress 1.2.1 Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function. | 7.2 |