CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,018 vulnerabilities with CWE-434
CVE-2021-21131
MEDIUM
Google Chrome <88.0.4324.96 - Info Disclosure
CVSS 6.5
CVE-2021-26918
CRITICAL
Bot < 2021-02-08 - Unrestricted File Upload
CVSS 9.8
CVE-2021-3378
CRITICAL
Fortilogger < 5.2.0 - Unrestricted File Upload
CVSS 9.8
CVE-2021-3164
HIGH
Churchdesk Churchrota - Unrestricted File Upload
CVSS 8.8
CVE-2021-22698
HIGH
EcoStruxure Power Build - Rapsody < V2.1.13 - Buffer Overflow
CVSS 7.8
CVE-2021-22697
HIGH
EcoStruxure Power Build - Rapsody < V2.1.13 - Use After Free
CVSS 7.8
CVE-2021-3166
HIGH
Asus Dsl-n14u B1 Firmware - Unrestricted File Upload
CVSS 7.5
CVE-2021-21245
CRITICAL
OneDev <4.0.3 - Code Injection
CVSS 10.0
CVE-2020-37117
HIGH
jizhiCMS 1.6.7 - File Download
CVSS 8.8
CVE-2020-37084
HIGH
School ERP Pro 1.0 - RCE
CVSS 7.2
CVE-2020-37090
CRITICAL
School ERP Pro 1.0 - RCE
CVSS 9.8
CVE-2020-37073
HIGH
Victor CMS 1.0 - Authenticated RCE
CVSS 8.8
CVE-2020-37113
HIGH
GUnet OpenEclass 1.7.3 - Auth Bypass
CVSS 8.8
CVE-2020-37023
HIGH
Koken CMS <0.22.24 - Auth Bypass
CVSS 8.8
CVE-2020-37009
HIGH
MedDream PACS Server 6.8.3.751 - Authenticated RCE
CVSS 8.8
CVE-2020-36973
MEDIUM
PDW File Browser 1.3 - RCE
CVSS 6.5
CVE-2020-36942
HIGH
Victor CMS 1.0 - RCE
CVSS 8.8
CVE-2020-36897
CRITICAL
QiHang Media Web Digital Signage 3.0.9 - RCE
CVSS 9.8
CVE-2020-36882
HIGH
Flexsense DiskBoss 7.7.14 - DoS
CVSS 7.5
CVE-2020-36863
HIGH
Nagios XI <5.7.2 - RCE
CVSS 8.8
CVE-2020-36849
CRITICAL
AIT CSV Import/Export <3.0.3 - RCE
CVSS 9.8
CVE-2020-36847
CRITICAL
Simple-File-List Plugin <4.2.2 - RCE
CVSS 9.8
CVE-2020-36842
HIGH
WPvivid <0.9.35 - RCE
CVSS 8.8
CVE-2020-22539
HIGH
Codoforum <4.9 - RCE
CVSS 7.2
CVE-2020-36825
MEDIUM
cyberaz0r WebRAT <20191222 - Unrestricted Upload
CVSS 6.3
Details
Vulnerabilities
4,018
Exploit Likelihood
Medium