Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-1565 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpallimport WP ALL Import 3.4.6 The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. | 7.2 |
| 2022-07-18 | CVE-2022-24688 | Unrestricted Upload of File with Dangerous Type vulnerability in DSK Dsknet 2.16.136.0/2.17.136.5 An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. | 8.8 |
| 2022-07-16 | CVE-2021-36711 | Unrestricted Upload of File with Dangerous Type vulnerability in Octobot 0.4.1/0.4.2/0.4.3 WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled. | 9.8 |
| 2022-07-15 | CVE-2021-36461 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 1.1.3 An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | 8.8 |
| 2022-07-15 | CVE-2022-32119 | Unrestricted Upload of File with Dangerous Type vulnerability in Arox School ERP PRO 1.0 Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. | 8.8 |
| 2022-07-15 | CVE-2022-2418 | Unrestricted Upload of File with Dangerous Type vulnerability in Eveo Urve web Manager A vulnerability was found in URVE Web Manager. | 8.0 |
| 2022-07-15 | CVE-2022-2419 | Unrestricted Upload of File with Dangerous Type vulnerability in Eveo Urve web Manager A vulnerability was found in URVE Web Manager. | 8.0 |
| 2022-07-15 | CVE-2022-2420 | Unrestricted Upload of File with Dangerous Type vulnerability in Eveo Urve web Manager A vulnerability was found in URVE Web Manager. | 8.0 |
| 2022-07-14 | CVE-2022-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. | 3.8 |
| 2022-07-14 | CVE-2022-28369 | Unrestricted Upload of File with Dangerous Type vulnerability in Verizon Lvskihp Indoorunit Firmware 3.4.66.162 Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh) A remote attacker on the local network can provide a malicious URL. | 9.8 |