Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-29 | CVE-2021-45865 | Unrestricted Upload of File with Dangerous Type vulnerability in Student Attendance Management System Project Student Attendance Management System 1.0 A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the file upload functionality. | 7.5 |
2022-03-28 | CVE-2021-43098 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function. | 6.5 |
2022-03-28 | CVE-2021-43100 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 6.5 |
2022-03-28 | CVE-2021-43101 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 6.5 |
2022-03-28 | CVE-2021-43102 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 6.5 |
2022-03-28 | CVE-2021-43103 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 6.5 |
2022-03-28 | CVE-2022-0499 | Unrestricted Upload of File with Dangerous Type vulnerability in Sermon Browser Project Sermon Browser The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones. | 6.8 |
2022-03-25 | CVE-2021-40905 | Unrestricted Upload of File with Dangerous Type vulnerability in Tribe29 Checkmk The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. | 8.8 |
2022-03-23 | CVE-2022-23880 | Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2 An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. | 7.5 |
2022-03-23 | CVE-2021-27428 | Unrestricted Upload of File with Dangerous Type vulnerability in GE products GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. | 7.5 |