Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-15 | CVE-2022-2420 | Unrestricted Upload of File with Dangerous Type vulnerability in Eveo Urve web Manager A vulnerability was found in URVE Web Manager. | 8.0 |
| 2022-07-14 | CVE-2022-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. | 3.8 |
| 2022-07-14 | CVE-2022-28369 | Unrestricted Upload of File with Dangerous Type vulnerability in Verizon Lvskihp Indoorunit Firmware 3.4.66.162 Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh) A remote attacker on the local network can provide a malicious URL. | 9.8 |
| 2022-07-14 | CVE-2022-28372 | Unrestricted Upload of File with Dangerous Type vulnerability in Verizon products On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. | 7.5 |
| 2022-07-13 | CVE-2022-32114 | Unrestricted Upload of File with Dangerous Type vulnerability in Strapi 4.1.12 An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. | 8.8 |
| 2022-07-12 | CVE-2022-31134 | Unrestricted Upload of File with Dangerous Type vulnerability in Zulip Server Zulip is an open-source team collaboration tool. | 4.9 |
| 2022-07-12 | CVE-2022-2297 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Clinic'S Patient Management System 2.0 A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. | 8.8 |
| 2022-07-07 | CVE-2021-29281 | Unrestricted Upload of File with Dangerous Type vulnerability in GFI Archiver File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317. | 9.8 |
| 2022-07-07 | CVE-2015-1784 | Unrestricted Upload of File with Dangerous Type vulnerability in Imagely Nextgen Gallery In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. | 8.8 |
| 2022-07-07 | CVE-2022-31854 | Unrestricted Upload of File with Dangerous Type vulnerability in Codologic Codoforum 5.1 Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. | 7.2 |