CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2021-29377 CRITICAL
Pearadmin Think < 2.1.2 - Unrestricted File Upload
CVSS 9.8
CVE-2021-38366 HIGH
Sitecore <10.1 - Authenticated RCE
CVSS 8.8
CVE-2021-38305 HIGH
23andMe Yamale <3.0.8 - RCE
CVSS 7.8
CVE-2021-24499 CRITICAL
Amentotech Workreap < 2.2.2 - Unrestricted File Upload
CVSS 9.8
CVE-2021-34639 HIGH
WordPress Download Manager <3.1.24 - Authenticated File Upload
CVSS 7.5
CVE-2021-32594 MEDIUM
Fortinet Fortiportal < 4.0.4 - Unrestricted File Upload
CVSS 5.4
CVE-2021-36623 CRITICAL
Sourcecodester Phone Shop Sales Management System 1.0 - RCE
CVSS 9.8
CVE-2021-36622 CRITICAL
Online Covid Vaccination Scheduler System - Unrestricted File Upload
CVSS 9.8
CVE-2021-25200 CRITICAL
SourceCodester Learning Management System <1.0 - RCE
CVSS 9.8
CVE-2021-36741 HIGH KEV
Trendmicro Officescan - Unrestricted File Upload
CVSS 8.8
CVE-2021-37444 HIGH
Nchsoftware Ivm Attendant < 5.12 - Path Traversal
CVSS 8.8
CVE-2021-25208 CRITICAL
SourceCodester Travel Management System <1.0 - RCE
CVSS 9.8
CVE-2021-25206 CRITICAL
SourceCodester Responsive Ordering System <1.0 - RCE
CVSS 9.8
CVE-2021-25203 CRITICAL
Victor CMS <1.0 - RCE
CVSS 9.8
CVE-2021-25207 CRITICAL
SourceCodester E-Commerce Website <1.0 - Code Injection
CVSS 9.8
CVE-2021-25211 CRITICAL
SourceCodester Ordering System <1.0 - RCE
CVSS 9.8
CVE-2021-25210 CRITICAL
SourceCodester Alumni Management System <1.0 - RCE
CVSS 9.8
CVE-2021-34619 HIGH
Storeapps Stock Manager For Woocommerce < 2.5.7 - CSRF
CVSS 8.8
CVE-2021-35963 CRITICAL
Orca HCM - RCE
CVSS 9.8
CVE-2021-29699 MEDIUM
IBM Security Verify Access - Unrestricted File Upload
CVSS 6.8
CVE-2021-36121 HIGH
Echo ShareCare 8.15.5 - Path Traversal
CVSS 8.8
CVE-2021-30118 CRITICAL
Kaseya Vsa < 9.5.5 - Unrestricted File Upload
CVSS 9.8
CVE-2021-28931 HIGH
Fork-cms Fork Cms < 5.9.3 - Unrestricted File Upload
CVSS 8.8
CVE-2021-32538 CRITICAL
Artware Cms < 2021-01-08 - Unrestricted File Upload
CVSS 9.8
CVE-2021-34624 CRITICAL
Properfraction Profilepress < 3.1.3 - Unrestricted File Upload
CVSS 9.8