Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-25 | CVE-2021-39040 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. | 6.0 |
2022-04-25 | CVE-2021-4225 | Unrestricted Upload of File with Dangerous Type vulnerability in Smartypantsplugins SP Project & Document Manager The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. | 6.5 |
2022-04-25 | CVE-2022-22392 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 6.8 |
2022-04-25 | CVE-2022-28053 | Unrestricted Upload of File with Dangerous Type vulnerability in Typemill 1.5.3 Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. | 6.5 |
2022-04-21 | CVE-2022-27478 | Unrestricted Upload of File with Dangerous Type vulnerability in Victor CMS Project Victor CMS 1.0 Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component admin/profile.php?section=admin. | 6.5 |
2022-04-21 | CVE-2022-28021 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. | 7.5 |
2022-04-21 | CVE-2022-28440 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6 An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. | 6.5 |
2022-04-19 | CVE-2022-27862 | Unrestricted Upload of File with Dangerous Type vulnerability in Vikwp Vikbooking Hotel Booking Engine & Property Management System Plugin Arbitrary File Upload leading to RCE in E4J s.r.l. | 7.5 |
2022-04-13 | CVE-2022-1345 | Unrestricted Upload of File with Dangerous Type vulnerability in Organizr Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. | 3.5 |
2022-04-12 | CVE-2022-27139 | Unrestricted Upload of File with Dangerous Type vulnerability in Ghost 4.39.0 An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. | 9.8 |