CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,130 vulnerabilities with CWE-434
CVE-2022-30820
HIGH
Wedding Management v1.0 - File Upload
CVSS 8.8
CVE-2022-30819
HIGH
Wedding Management System v1.0 - File Upload
CVSS 8.8
CVE-2022-30808
CRITICAL
elitecms 1.0.1 - Unauthenticated Arbitrary File Upload via admin/manage_uploads.php
CVSS 9.8
CVE-2022-30506
CRITICAL
MCMS 5.2.7 - Arbitrary File Upload via ZIP File
CVSS 9.8
CVE-2022-30423
CRITICAL
Merchandise Online Store 1.0 - Remote Code Execution via User Profile Upload
CVSS 9.8
CVE-2022-29725
HIGH
wityCMS 0.6.2 - Arbitrary File Upload via Image Upload Component
CVSS 8.8
CVE-2022-29624
HIGH
TPCMS v3.2 - Arbitrary File Upload via Add File Function
CVSS 8.8
CVE-2022-24581
HIGH
ACEweb Online Portal 3.5.065 - Info Disclosure
CVSS 7.5
CVE-2022-24239
CRITICAL
ACEweb Online Portal <3.5.065 - Unrestricted File Upload
CVSS 9.8
CVE-2022-29637
HIGH
Mindoc v2.1-beta.5 - Remote Code Execution via Crafted Zip File Upload
CVSS 7.8
CVE-2022-29632
CRITICAL
Roncoo Education 9.0.0 - Arbitrary File Upload via Course API Upload Endpoint
CVSS 9.8
CVE-2022-29651
HIGH
Online Food Ordering System 1.0 - Remote Code Execution via PHP File Upload
CVSS 7.2
CVE-2022-1837
MEDIUM
Home Clean Services Management System 1.0 - Authenticated Unrestricted File Upload via register.php
CVSS 4.7
CVE-2022-1811
MEDIUM
Publify < 9.2.9 - Unrestricted Upload of File with Dangerous Type
CVSS 5.4
CVE-2022-1752
HIGH
trudesk < 1.2.2 - Unrestricted Upload of File with Dangerous Type
CVSS 8.0
CVE-2022-30887
CRITICAL
Pharmacy Management System v1.0 - RCE
CVSS 9.8
CVE-2022-28104
CRITICAL
Foxit PDF Editor 11.3.1 - Arbitrary File Upload
CVSS 9.8
CVE-2022-28927
CRITICAL
subconverter v0.7.2 - Remote Code Execution via Crafted Config and URL Parameters
CVSS 9.8
CVE-2022-22482
MEDIUM
IBM Sterling B2B Integrator Standard Edition <6.0.3.5, <6.1.1.0 - DoS
CVSS 6.5
CVE-2022-30007
HIGH
GXCMS V1.5 - Unauthenticated Arbitrary File Upload via Template Management
CVSS 7.2
CVE-2022-1409
HIGH
VikBooking Hotel Booking Engine & PMS < 1.5.8 - Authenticated Arbitrary PHP File Upload via Image Validation Bypass
CVSS 7.2
CVE-2022-1103
HIGH
Advanced Uploader < 4.2 - Authenticated Arbitrary File Upload
CVSS 8.8
CVE-2022-29623
HIGH
connect-multiparty 2.2.0 - Arbitrary File Upload via Crafted PDF File
CVSS 7.8
CVE-2022-29622
CRITICAL
formidable 3.1.4 - Arbitrary File Upload via Crafted Filename
CVSS 9.8
CVE-2022-29354
CRITICAL
Keystone 4.2.1 - Arbitrary File Upload and Remote Code Execution
CVSS 9.8
Details
Vulnerabilities
4,130
Exploit Likelihood
Medium