CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,018 vulnerabilities with CWE-434
CVE-2021-4225
HIGH
SP Project & Document Manager WordPress <4.24 - Auth Bypass
CVSS 8.8
CVE-2021-39040
HIGH
IBM Planning Analytics Workspace - Unrestricted File Upload
CVSS 8.0
CVE-2021-4096
HIGH
Fancy Product Designer <4.7.5 - CSRF
CVSS 8.8
CVE-2021-46367
HIGH
RiteCMS <3.1.0 - RCE
CVSS 7.2
CVE-2021-43430
HIGH
BigAntSoft BigAnt office messenger <5.6 - Code Injection
CVSS 8.8
CVE-2021-43421
CRITICAL
Studio-42 elFinder <2.1.59 - RCE
CVSS 9.8
CVE-2021-28428
CRITICAL
HorizontCMS <1.0.0-beta.3 - RCE
CVSS 9.8
CVE-2021-32961
HIGH
MDT AutoSave <6.02.06 - Code Injection
CVSS 7.5
CVE-2021-34257
HIGH
Wpanel Cms < 4.3.1 - Unrestricted File Upload
CVSS 8.8
CVE-2021-45865
CRITICAL
Student Attendance Management System - Unrestricted File Upload
CVSS 9.8
CVE-2021-43103
HIGH
bbs 5.3 - RCE
CVSS 7.2
CVE-2021-43102
HIGH
bbs <5.3 - RCE
CVSS 7.2
CVE-2021-43101
HIGH
bbs <5.3 - RCE
CVSS 7.2
CVE-2021-43100
HIGH
bbs <5.3 - RCE
CVSS 7.2
CVE-2021-43098
HIGH
bbs <5.3 - Code Injection
CVSS 7.2
CVE-2021-40905
HIGH
CheckMK Enterprise Edition <2.0.0p9 - RCE
CVSS 8.8
CVE-2021-27428
CRITICAL
GE UR IED <8.1x - Privilege Escalation
CVSS 9.8
CVE-2021-39384
CRITICAL
Diaowen Dwsurvey - Unrestricted File Upload
CVSS 9.8
CVE-2021-45835
CRITICAL
Online Admission System 1.0 - Code Injection
CVSS 9.8
CVE-2021-45834
CRITICAL
OpenDocMan 1.4.4 - Code Injection
CVSS 9.8
CVE-2021-45040
CRITICAL
Spatie Laravel Media Library < 1.17.10 - Unrestricted File Upload
CVSS 9.8
CVE-2021-42171
HIGH
Tribalsystems Zenario < 9.0.55143 - Unrestricted File Upload
CVSS 7.2
CVE-2021-25003
CRITICAL
WPCargo Track & Trace <6.9.0 - RCE
CVSS 9.8
CVE-2021-44673
HIGH
Croogo - Unrestricted File Upload
CVSS 8.8
CVE-2021-43970
HIGH
Quicklert for Digium 10.0.0 - RCE
CVSS 8.8
Details
Vulnerabilities
4,018
Exploit Likelihood
Medium