CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2021-34623 CRITICAL
Properfraction Profilepress < 3.1.3 - Unrestricted File Upload
CVSS 9.8
CVE-2021-20104 HIGH
Machform < 16 - Unrestricted File Upload
CVSS 8.1
CVE-2021-34427 CRITICAL
Eclipse Business Intelligence And Rep... - Improper Input Validation
CVSS 9.8
CVE-2021-34074 CRITICAL
Pandorafms Pandora Fms < 754 - Unrestricted File Upload
CVSS 9.8
CVE-2021-28976 HIGH
Get-simple Getsimplecms < 3.3.15 - Unrestricted File Upload
CVSS 7.2
CVE-2021-24376 CRITICAL
Autoptimize < 2.7.8 - Unrestricted File Upload
CVSS 9.8
CVE-2021-24370 CRITICAL
Radykal Fancy Product Designer < 4.6.9 - Unrestricted File Upload
CVSS 9.8
CVE-2021-32243 HIGH
Fogproject - Unrestricted File Upload
CVSS 8.8
CVE-2021-34551 HIGH
Phpmailer < 6.5.0 - Unrestricted File Upload
CVSS 8.1
CVE-2021-27489 HIGH
ZOLL Defibrillator Dashboard <2.2 - RCE
CVSS 8.8
CVE-2021-34128 HIGH
Laiketui - Unrestricted File Upload
CVSS 8.8
CVE-2021-23394 HIGH
Std42 Elfinder < 2.1.58 - Unrestricted File Upload
CVSS 8.1
CVE-2021-26828 HIGH KEV
Scadabr < 0.9.1 - Unrestricted File Upload
CVSS 8.8
CVE-2021-26473 CRITICAL
Vembu Bdr Suite < 4.2.0.1 - Unrestricted File Upload
CVSS 9.8
CVE-2021-3277 HIGH
Nagios XI <5.7.5 - RCE
CVSS 7.2
CVE-2021-32661 MEDIUM
Backstage <0.9.5 - XSS
CVSS 6.8
CVE-2021-32660 MEDIUM
@backstage/tehdocs-common <0.6.4 - Info Disclosure
CVSS 6.8
CVE-2021-29092 HIGH
Synology Photo Station < 6.8.14-3500 - Unrestricted File Upload
CVSS 8.8
CVE-2021-24311 HIGH
External Media < 1.0.34 - Unrestricted File Upload
CVSS 8.8
CVE-2021-31703 CRITICAL
Frontiersoftware Ichris < 5.18 - Unrestricted File Upload
CVSS 9.8
CVE-2021-32630 CRITICAL
Admidio < 4.0.4 - Unrestricted File Upload
CVSS 9.6
CVE-2021-27459 CRITICAL
Emerson Rosemount X-STREAM - Code Injection
CVSS 9.8
CVE-2021-20721 CRITICAL
KonaWiki2 <2.2.4 - RCE
CVSS 9.8
CVE-2021-32622 MEDIUM
Matrix-react-sdk < 3.21.0 - Injection
CVSS 4.2
CVE-2021-24284 CRITICAL
Kaswara < 3.0.1 - Unrestricted File Upload
CVSS 9.8
Details
Vulnerabilities 4,018
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits