Vulnerabilities > Unrestricted Upload of File with Dangerous Type
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-24 | CVE-2022-25360 | Unrestricted Upload of File with Dangerous Type vulnerability in Watchguard Fireware 12.1.3/12.5.9/12.7.2 WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. | 6.5 |
2022-02-21 | CVE-2022-24553 | Unrestricted Upload of File with Dangerous Type vulnerability in Zfaka Project Zfaka An issue was found in Zfaka <= 1.4.5. | 7.5 |
2022-02-19 | CVE-2022-23375 | Unrestricted Upload of File with Dangerous Type vulnerability in Wikidocs 0.1.18 WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. | 6.5 |
2022-02-19 | CVE-2022-0409 | Unrestricted Upload of File with Dangerous Type vulnerability in Showdoc Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2. | 6.8 |
2022-02-18 | CVE-2021-46036 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.4 An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code. | 7.5 |
2022-02-16 | CVE-2022-24984 | Unrestricted Upload of File with Dangerous Type vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. | 6.8 |
2022-02-14 | CVE-2022-23390 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS Forum An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files. | 7.5 |
2022-02-11 | CVE-2021-22803 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. | 7.5 |
2022-02-11 | CVE-2020-13675 | Unrestricted Upload of File with Dangerous Type vulnerability in Drupal Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. | 7.5 |
2022-02-09 | CVE-2022-23048 | Unrestricted Upload of File with Dangerous Type vulnerability in Exponentcms Exponent CMS 2.6.0 Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. | 6.5 |