Vulnerabilities > Unrestricted Upload of File with Dangerous Type

DATE CVE VULNERABILITY TITLE RISK
2022-03-28 CVE-2021-43103 Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3
A file upload vulnerability exists in bbs 5.3 via a GetType function in ForumManageAction.java, which lets a remote malicious user execute arbitrary code.
network
low complexity
diyhi CWE-434
7.2
2022-03-25 CVE-2021-40905 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible.
network
low complexity
tribe29 checkmk CWE-434
8.8
2022-03-23 CVE-2022-23880 Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.
network
low complexity
taogogo CWE-434
critical
9.8
2022-03-23 CVE-2021-27428 Unrestricted Upload of File with Dangerous Type vulnerability in GE products
GE UR IED firmware versions prior to version 8.1x support upgrading firmware using UR Setup configuration tool – Enervista UR Setup.
network
low complexity
ge CWE-434
critical
9.8
2022-03-23 CVE-2022-0888 Unrestricted Upload of File with Dangerous Type vulnerability in Ninjaforms Ninja Forms File Uploads
The Ninja Forms - File Uploads Extension WordPress plugin, in versions up to and including 3.3.0, is vulnerable to arbitrary file uploads due to insufficient input file type validation in the ~/includes/ajax/controllers/uploads.php file. The validation can be bypassed, making it possible for unauthenticated attackers to upload malicious files that can be used to obtain remote code execution.
network
low complexity
ninjaforms CWE-434
critical
9.8
2022-03-23 CVE-2022-22952 Unrestricted Upload of File with Dangerous Type vulnerability in VMWare Carbon Black APP Control
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability.
network
low complexity
vmware CWE-434
critical
9.1
2022-03-23 CVE-2022-1033 Unrestricted Upload of File with Dangerous Type vulnerability in Craterapp Crater
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.
local
low complexity
craterapp CWE-434
7.8
2022-03-22 CVE-2022-1034 Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc
There is an Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
network
low complexity
showdoc CWE-434
7.2
2022-03-21 CVE-2022-23346 Unrestricted Upload of File with Dangerous Type vulnerability in Bigantsoft Bigant Server 5.6.06
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
network
low complexity
bigantsoft CWE-434
8.8
2022-03-21 CVE-2022-0415 Unrestricted Upload of File with Dangerous Type vulnerability in Gogs
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
network
low complexity
gogs CWE-434
8.8