CWE-434
Medium likelihood
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,021 vulnerabilities with CWE-434
CVE-2019-12548
HIGH
Bludit < 3.9.0 - Unrestricted File Upload
CVSS 8.8
CVE-2019-11185
CRITICAL
3CX Live Chat < 8.0.26 - Unrestricted File Upload
CVSS 9.8
CVE-2019-12377
CRITICAL
Ivanti LDMS <10.0.1.168 - RCE
CVSS 9.8
CVE-2019-7816
CRITICAL
ColdFusion <Update 2 - RCE
CVSS 9.8
CVE-2019-12150
CRITICAL
Karamasoft UltimateEditor 1 - Info Disclosure
CVSS 9.8
CVE-2019-6513
MEDIUM
Wso2 API Manager - Unrestricted File Upload
CVSS 5.4
CVE-2019-12185
HIGH
eLabFTW 1.8.5 - Command Injection
CVSS 8.8
CVE-2019-12170
HIGH
ATutor <2.2.4 - RCE
CVSS 8.8
CVE-2019-11887
CRITICAL
SimplyBook.me <2019-05-11 - RCE
CVSS 9.8
CVE-2019-12099
HIGH
PHP-Fusion 9.03.00 - RCE
CVSS 8.8
CVE-2019-8404
MEDIUM
Webiness Inventory - Unrestricted File Upload
CVSS 6.5
CVE-2019-10869
HIGH
Ninjaforms Ninja Forms File Uploads < 3.0.23 - Path Traversal
CVSS 8.1
CVE-2019-11807
HIGH
WooCommerce Checkout Manager <4.3 - Info Disclosure
CVSS 7.5
CVE-2019-11615
HIGH
DoorGets 7.0 - File Upload
CVSS 8.8
CVE-2019-11568
HIGH
AikCms v2.0 - Code Injection
CVSS 8.8
CVE-2019-8992
HIGH
Tibco Activematrix Bpm < 4.2.0 - Unrestricted File Upload
CVSS 8.8
CVE-2019-9951
CRITICAL
Western Digital - Unauthenticated File Upload
CVSS 9.8
CVE-2019-11447
HIGH
CutePHP CuteNews 2.1.2 - Code Injection
CVSS 8.8
CVE-2019-11446
HIGH
ATutor <2.2.4 - Command Injection
CVSS 8.8
CVE-2019-11445
HIGH
OpenKM 6.3.2-6.3.7 - RCE
CVSS 7.2
CVE-2019-11401
HIGH
SiteServer CMS 6.9.0 - RCE
CVSS 7.2
CVE-2019-11377
HIGH
WCMS v0.3.2 - Arbitrary File Upload
CVSS 8.8
CVE-2019-11344
CRITICAL
Pluck 4.7.8 - RCE
CVSS 9.8
CVE-2019-11223
CRITICAL
Supportcandy < 2.0.0 - Unrestricted File Upload
CVSS 9.8
CVE-2019-4013
CRITICAL
IBM Bigfix Platform < 9.5.11 - Unrestricted File Upload
CVSS 9.0
Details
Vulnerabilities: 4,021
Exploit Likelihood: Medium