Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-24 | CVE-2021-38945 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. | 9.8 |
2022-06-24 | CVE-2013-1916 | Unrestricted Upload of File with Dangerous Type vulnerability in User Photo Project User Photo 0.9.4 In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. | 8.5 |
2022-06-24 | CVE-2022-1519 | Unrestricted Upload of File with Dangerous Type vulnerability in Illumina Local RUN Manager 1.3/2.0/3.1 LRM does not restrict the types of files that can be uploaded to the affected product. | 10.0 |
2022-06-24 | CVE-2022-2102 | Unrestricted Upload of File with Dangerous Type vulnerability in Secheron Sepcos Control and Protection Relay Firmware Controls limiting uploads to certain file extensions may be bypassed. | 5.0 |
2022-06-23 | CVE-2021-40954 | Unrestricted Upload of File with Dangerous Type vulnerability in Laiketui 3.5.0 Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker to execute arbitrary code. | 7.5 |
2022-06-23 | CVE-2022-31362 | Unrestricted Upload of File with Dangerous Type vulnerability in Docebo 4.0.5 Docebo Community Edition v4.0.5 and below was discovered to contain an arbitrary file upload vulnerability. | 8.8 |
2022-06-21 | CVE-2022-31374 | Unrestricted Upload of File with Dangerous Type vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.0 An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | 7.5 |
2022-06-20 | CVE-2022-2128 | Unrestricted Upload of File with Dangerous Type vulnerability in Trudesk Project Trudesk Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. | 7.5 |
2022-06-20 | CVE-2022-1939 | Unrestricted Upload of File with Dangerous Type vulnerability in Allow SVG Files Project Allow SVG Files The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to | 6.5 |
2022-06-20 | CVE-2017-20063 | Unrestricted Upload of File with Dangerous Type vulnerability in Elefantcms Elefant CMS 1.3.12 A vulnerability was found in Elefant CMS 1.3.12-RC. | 6.5 |