Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-11 | CVE-2022-42229 | Unrestricted Upload of File with Dangerous Type vulnerability in Wedding Planner Project Wedding Planner 1.0 Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php. | 8.8 |
2022-10-09 | CVE-2022-3436 | Unrestricted Upload of File with Dangerous Type vulnerability in Web-Based Student Clearance System Project Web-Based Student Clearance System 1.0 A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. | 7.5 |
2022-10-07 | CVE-2022-41379 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Leave Management System Project Online Leave Management System 1.0 An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
2022-10-07 | CVE-2022-41512 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Diagnostic LAB Management System Project Online Diagnostic LAB Management System 1.0 An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.2 |
2022-10-07 | CVE-2022-42092 | Unrestricted Upload of File with Dangerous Type vulnerability in Backdropcms Backdrop CMS 1.22.0 Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. | 7.2 |
2022-10-03 | CVE-2022-40721 | Unrestricted Upload of File with Dangerous Type vulnerability in Creativedream File Uploader Project Creativedream File Uploader 0.3 Arbitrary file upload vulnerability in php uploader | 9.8 |
2022-10-03 | CVE-2022-3125 | Unrestricted Upload of File with Dangerous Type vulnerability in Najeebmedia Frontend File Manager The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE | 8.8 |
2022-10-03 | CVE-2022-40886 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.98 DedeCMS 5.7.98 has a file upload vulnerability in the background. | 7.2 |
2022-09-30 | CVE-2022-40341 | Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0 mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file. | 8.8 |
2022-09-30 | CVE-2022-41437 | Unrestricted Upload of File with Dangerous Type vulnerability in Billing System Project Billing System Project 1.0 Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. | 7.2 |