Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-18 | CVE-2021-38697 | Unrestricted Upload of File with Dangerous Type vulnerability in Softvibe Saraban 1.1 SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution. | 9.8 |
| 2022-01-18 | CVE-2021-41550 | Unrestricted Upload of File with Dangerous Type vulnerability in Leostream Connection Broker 9.0.40.17 Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code. | 7.2 |
| 2022-01-15 | CVE-2021-33828 | Unrestricted Upload of File with Dangerous Type vulnerability in Owncloud Files Antivirus The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection. | 8.8 |
| 2022-01-13 | CVE-2021-34995 | Unrestricted Upload of File with Dangerous Type vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2022-01-13 | CVE-2021-34997 | Unrestricted Upload of File with Dangerous Type vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 8.8 |
| 2022-01-12 | CVE-2021-45411 | Unrestricted Upload of File with Dangerous Type vulnerability in Printable Staff ID Card Creator System Project Printable Staff ID Card Creator System 1.0 In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution. | 9.8 |
| 2022-01-12 | CVE-2021-44651 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Log360 and Manageengine Cloud Security Plus Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175. | 8.8 |
| 2022-01-11 | CVE-2021-43973 | Unrestricted Upload of File with Dangerous Type vulnerability in Sysaid 20.4.74 An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. | 8.8 |
| 2022-01-06 | CVE-2021-46078 | Unrestricted Upload of File with Dangerous Type vulnerability in Vehicle Service Management System Project Vehicle Service Management System An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. | 4.8 |
| 2022-01-06 | CVE-2021-46079 | Unrestricted Upload of File with Dangerous Type vulnerability in Vehicle Service Management System Project Vehicle Service Management System An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. | 7.2 |