CWE-434

4,107 CVEs • Abstraction: Base • Likelihood of Exploit: Medium

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.


CVEs (4,107)

Columns: CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS (v4 / v3 / v2)

Vendors: Pnotes.net Project | Products: Pnotes.net | Updated: Jun 17, 2026 | Published: Aug 14, 2020 | CVSS v4: N/A | v3: 7.8 HIGH | v2: 4.6 MEDIUM
A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program.

Vendors: Cmsmadesimple | Products: Cms Made Simple | Updated: Jun 17, 2026 | Published: Aug 14, 2020 | CVSS v4: N/A | v3: 7.8 HIGH | v2: 6.5 MEDIUM
CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798.

Vendors: Mcafee | Products: Data Loss Prevention | Updated: Jun 17, 2026 | Published: Aug 13, 2020 | CVSS v4: N/A | v3: 6.4 MEDIUM | v2: 5.5 MEDIUM
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.

Vendors: Sap | Products: Netweaver Knowledge Management | Updated: Jun 17, 2026 | Published: Aug 12, 2020 | CVSS v4: N/A | v3: 6.5 MEDIUM | v2: 6.4 MEDIUM
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access control lists and other upload file size restrictions, leading to Unrestricted File Upload.

Vendors: Mozilla | Products: Firefox Esr | Updated: Jun 17, 2026 | Published: Aug 10, 2020 | CVSS v4: N/A | v3: 5.5 MEDIUM | v2: 4.3 MEDIUM
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actual files picked. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 68.11.

Vendors: Flatcore | Products: Flatcore | Updated: Jun 17, 2026 | Published: Aug 9, 2020 | CVSS v4: N/A | v3: 7.2 HIGH | v2: 9.0 HIGH
flatCore before 1.5.7 allows upload and execution of a .php file by an admin.

Vendors: Freemedsoftware | Products: Openclinic Ga | Updated: Jun 17, 2026 | Published: Jul 29, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 9.0 HIGH
OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.

Vendors: Concretecms | Products: Concrete Cms | Updated: Jun 17, 2026 | Published: Jul 28, 2020 | CVSS v4: N/A | v3: 7.2 HIGH | v2: 9.0 HIGH
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.

Vendors: Silverstripe | Products: Mimevalidator, Recipe | Updated: Jun 17, 2026 | Published: Jul 15, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.8 MEDIUM
Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are allowed by default for authorised users only, but can also be enabled through custom logic as well as modules such as silverstripe/userforms. Sites using the previously optional silverstripe/mimevalidator module can configure MIME whitelists rather than extension whitelists, and hence prevent this issue. Sites on the Common Web Platform (CWP) use this module by default, and are not affected.

Vendors: Icewarp | Products: Mail Server | Updated: Jun 17, 2026 | Published: Jul 15, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.5 MEDIUM
IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access.

Vendors: Icewarp | Products: Mail Server | Updated: Jun 17, 2026 | Published: Jul 15, 2020 | CVSS v4: N/A | v3: 6.5 MEDIUM | v2: 4.0 MEDIUM
IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.

Vendors: Seczetta | Products: Neprofile | Updated: Jun 17, 2026 | Published: Jul 15, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.5 MEDIUM
A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar.

Vendors: Microsoft | Products: Bond | Updated: Jun 17, 2026 | Published: Jul 14, 2020 | CVSS v4: N/A | v3: 7.5 HIGH | v2: 5.0 MEDIUM
A denial of service vulnerability exists when the .NET implementation of Bond improperly parses input, aka 'Bond Denial of Service Vulnerability'.

Vendors: Atlassian | Products: Jira, Jira Data Center, Jira Server, +1 more | Updated: Jun 17, 2026 | Published: Jul 13, 2020 | CVSS v4: N/A | v3: 6.5 MEDIUM | v2: 4.0 MEDIUM
The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and from version 8.7.0 before 8.7.1.

Vendors: Nextcloud | Products: Contacts | Updated: Jun 17, 2026 | Published: Jul 10, 2020 | CVSS v4: N/A | v3: 4.3 MEDIUM | v2: 4.0 MEDIUM
A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars.

Vendors: Mods For Hesk | Products: Mods For Hesk | Updated: Jun 17, 2026 | Published: Jul 9, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.5 MEDIUM
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-13992 by an unauthenticated attacker.

Vendors: Expressionengine | Products: Expressionengine | Updated: Jun 17, 2026 | Published: Jun 24, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.5 MEDIUM
ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must be able to send and compose messages (at least).

Vendors: Kordil Edms Project | Products: Kordil Edms | Updated: Jun 17, 2026 | Published: Jun 22, 2020 | CVSS v4: N/A | v3: 8.8 HIGH | v2: 6.5 MEDIUM
documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.

Vendors: Debian, Rubyonrails | Products: Debian Linux, Rails | Updated: Jun 17, 2026 | Published: Jun 19, 2020 | CVSS v4: N/A | v3: 7.5 HIGH | v2: 5.0 MEDIUM
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.

Vendors: Rockwellautomation | Products: Factorytalk Linx, Rslinx Classic | Updated: Jun 17, 2026 | Published: Jun 15, 2020 | CVSS v4: N/A | v3: 7.5 HIGH | v2: 7.8 HIGH
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. A vulnerability exists in the communication function that enables users to upload EDS files by FactoryTalk Linx. This may allow an attacker to upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition.