Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-15 | CVE-2022-25487 | Unrestricted Upload of File with Dangerous Type vulnerability in Thedigitalcraft Atomcms 2.0 Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php. | 9.8 |
2022-03-15 | CVE-2022-25495 | Unrestricted Upload of File with Dangerous Type vulnerability in Cuppacms 1.0 The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file. | 9.8 |
2022-03-15 | CVE-2022-0950 | Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4. | 5.4 |
2022-03-14 | CVE-2021-25003 | Unrestricted Upload of File with Dangerous Type vulnerability in Wptaskforce Wpcargo Track & Trace The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE. | 9.8 |
2022-03-14 | CVE-2021-42171 | Unrestricted Upload of File with Dangerous Type vulnerability in Tribalsystems Zenario 9.0.54156 Zenario CMS 9.0.54156 is vulnerable to File Upload. | 7.2 |
2022-03-14 | CVE-2022-24387 | Unrestricted Upload of File with Dangerous Type vulnerability in Smartertools Smartertrack With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. | 7.2 |
2022-03-11 | CVE-2022-0921 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12. | 6.7 |
2022-03-11 | CVE-2022-0912 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11. | 4.8 |
2022-03-10 | CVE-2021-44673 | Unrestricted Upload of File with Dangerous Type vulnerability in Croogo 3.0.2 A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2 via admin/file-manager/attachments, which lets a malicious user upload a web shell script. | 8.8 |
2022-03-10 | CVE-2022-26521 | Unrestricted Upload of File with Dangerous Type vulnerability in Abantecart Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type). | 7.2 |