CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,018 vulnerabilities with CWE-434
CVE-2022-0950
MEDIUM
Showdoc < 2.10.3 - Unrestricted File Upload
CVSS 5.4
CVE-2022-0945
MEDIUM
Showdoc < 2.10.3 - XSS
CVSS 5.4
CVE-2022-24749
MEDIUM
Sylius <1.9.10, <1.10.11, <1.11.2 - XSS
CVSS 6.1
CVE-2022-0962
MEDIUM
Showdoc < 2.10.4 - XSS
CVSS 5.4
CVE-2022-0960
MEDIUM
Showdoc < 2.10.4 - XSS
CVSS 5.4
CVE-2022-24387
CRITICAL
SmarterTrack <100.0.8019.14010 - Privilege Escalation
CVSS 9.1
CVE-2022-0930
MEDIUM
Microweber < 1.2.12 - XSS
CVSS 4.8
CVE-2022-0921
MEDIUM
Microweber < 1.2.12 - Code Injection
CVSS 6.7
CVE-2022-0912
MEDIUM
Microweber < 1.2.11 - Unrestricted File Upload
CVSS 4.8
CVE-2022-26521
HIGH
Abantecart <1.3.2 - RCE
CVSS 7.2
CVE-2022-24652
CRITICAL
sentcms 4.0.x - RCE
CVSS 9.8
CVE-2022-24651
CRITICAL
sentcms 4.0.x - RCE
CVSS 9.8
CVE-2022-0440
HIGH
Catch Themes Demo Import <2.1.1 - RCE
CVSS 7.2
CVE-2022-25115
HIGH
Home Owners Collection Management System - Unrestricted File Upload
CVSS 7.8
CVE-2022-25016
CRITICAL
Home Owners Collection Management System - Unrestricted File Upload
CVSS 9.8
CVE-2022-24254
HIGH
Extensis Portfolio <4.0 - RCE
CVSS 8.8
CVE-2022-24253
HIGH
Extensis Portfolio v4.0 - Unrestricted File Upload
CVSS 8.8
CVE-2022-24252
HIGH
Extensis Portfolio <4.0 - RCE
CVSS 8.8
CVE-2022-24251
HIGH
Extensis Portfolio v4.0 - Unrestricted File Upload
CVSS 8.8
CVE-2022-25411
CRITICAL
Max-3000 Maxsite Cms - Unrestricted File Upload
CVSS 9.8
CVE-2022-23906
HIGH
CMS Made Simple <2.2.15 - RCE
CVSS 7.2
CVE-2022-26149
HIGH
MODX Revolution <2.8.3-pl - Authenticated RCE
CVSS 7.2
CVE-2022-25360
HIGH
Watchguard Fireware < 12.1.3 - Unrestricted File Upload
CVSS 8.8
CVE-2022-23043
HIGH
Tribalsystems Zenario < 9.2.55826 - Unrestricted File Upload
CVSS 7.2
CVE-2022-24553
CRITICAL
Zfaka <= 1.4.5 - RCE
CVSS 9.8
Details
Vulnerabilities
4,018
Exploit Likelihood
Medium