Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-08 | CVE-2022-27357 | Unrestricted Upload of File with Dangerous Type vulnerability in Ecommerce-Website Project Ecommerce-Website 1.0 Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. | 9.8 |
| 2022-04-07 | CVE-2021-43430 | Unrestricted Upload of File with Dangerous Type vulnerability in Bigantsoft Bigant Office Messenger 5 5.6 An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files. | 8.8 |
| 2022-04-07 | CVE-2021-43421 | Unrestricted Upload of File with Dangerous Type vulnerability in Std42 Elfinder A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. | 9.8 |
| 2022-04-07 | CVE-2022-26627 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0 Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file. | 8.8 |
| 2022-04-06 | CVE-2022-26605 | Unrestricted Upload of File with Dangerous Type vulnerability in Dascomsoft Eziosuite 2.0.7 eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload functionality. | 8.8 |
| 2022-04-06 | CVE-2022-26607 | Unrestricted Upload of File with Dangerous Type vulnerability in Baigo CMS 3.0 A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. | 7.2 |
| 2022-04-05 | CVE-2022-26630 | Unrestricted Upload of File with Dangerous Type vulnerability in Jellycms Jellycms v3.8.1 and below was discovered to contain an arbitrary file upload vulnerability via \app.\admin\Controllers\db.php. | 8.8 |
| 2022-04-05 | CVE-2021-28428 | Unrestricted Upload of File with Dangerous Type vulnerability in Horizontcms Project Horizontcms 1.0.0 File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. | 9.8 |
| 2022-04-05 | CVE-2022-26619 | Unrestricted Upload of File with Dangerous Type vulnerability in Halo 1.4.17 Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function. | 7.5 |
| 2022-04-04 | CVE-2020-28062 | Unrestricted Upload of File with Dangerous Type vulnerability in Hisiphp 2.0.11 An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. | 7.2 |