Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-25 | CVE-2022-22392 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 7.8 |
| 2022-04-25 | CVE-2022-28053 | Unrestricted Upload of File with Dangerous Type vulnerability in Typemill 1.5.3 Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. | 8.8 |
| 2022-04-21 | CVE-2022-27478 | Unrestricted Upload of File with Dangerous Type vulnerability in Victor CMS Project Victor CMS 1.0 Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component admin/profile.php?section=admin. | 8.8 |
| 2022-04-21 | CVE-2022-28021 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. | 9.8 |
| 2022-04-21 | CVE-2022-28440 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6 An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. | 8.8 |
| 2022-04-12 | CVE-2022-27139 | Unrestricted Upload of File with Dangerous Type vulnerability in Ghost 4.39.0 An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. | 9.8 |
| 2022-04-12 | CVE-2022-27140 | Unrestricted Upload of File with Dangerous Type vulnerability in Express-Fileupload Project Express-Fileupload 1.3.1 An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2022-04-12 | CVE-2022-27260 | Unrestricted Upload of File with Dangerous Type vulnerability in Buttercms 1.2.8 An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file. | 9.8 |
| 2022-04-12 | CVE-2022-27261 | Unrestricted Upload of File with Dangerous Type vulnerability in Express-Fileupload Project Express-Fileupload 1.3.1 An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server. | 7.5 |
| 2022-04-12 | CVE-2022-27262 | Unrestricted Upload of File with Dangerous Type vulnerability in Sailsjs Skipper 0.9.1 An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file. | 9.8 |