CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,021 vulnerabilities with CWE-434
CVE-2018-19457 HIGH
Logicspice FAQ Script <2.9.7 - Command Injection
CVSS 7.2
CVE-2018-19424 HIGH
ClipperCMS 1.3.3 - Command Injection
CVSS 7.2
CVE-2018-19423 HIGH
Codiad 2.8.4 - Command Injection
CVSS 7.2
CVE-2018-19422 HIGH
Subrion CMS 4.2.1 - RCE
CVSS 7.2
CVE-2018-19421 LOW
GetSimpleCMS <3.3.15 - XSS
CVSS 3.8
CVE-2018-19420 LOW
GetSimpleCMS 3.3.15 - XSS
CVSS 3.8
CVE-2018-18565 MEDIUM
Roche Accu-chek Inform II Firmware - Unrestricted File Upload
CVSS 6.8
CVE-2018-18563 CRITICAL
Roche Accu-chek Inform II Firmware - Unrestricted File Upload
CVSS 9.6
CVE-2018-9209 CRITICAL
Fineuploader Php-traditional-server < 1.2.2 - Unrestricted File Upload
CVSS 9.8
CVE-2018-9207 CRITICAL
Hayageek Jquery Upload File < 4.0.2 - Unrestricted File Upload
CVSS 9.8
CVE-2018-19355 CRITICAL
PrestaShop 1.5-1.7 - RCE
CVSS 9.8
CVE-2018-18793 CRITICAL
School Event Management System - Unrestricted File Upload
CVSS 9.8
CVE-2018-0686 HIGH
NEO Debun Imap < 3.3i_r4.0 - Unrestricted File Upload
CVSS 8.8
CVE-2018-19126 CRITICAL
Prestashop < 1.6.1.23 - Unrestricted File Upload
CVSS 9.8
CVE-2018-9208 CRITICAL
Tuyoshi Jquery Picture Cut - Unrestricted File Upload
CVSS 9.8
CVE-2018-18942 HIGH
Basercms < 4.1.4 - Unrestricted File Upload
CVSS 7.2
CVE-2018-18934 CRITICAL
Popojicms - CSRF
CVSS 9.8
CVE-2018-1552 MEDIUM
IBM Robotic Process Automation With A... - Unrestricted File Upload
CVSS 5.5
CVE-2018-18888 CRITICAL
Laravelcms < 2018-04-02 - Unrestricted File Upload
CVSS 9.8
CVE-2018-18874 CRITICAL
Nconsulting Nc-cms < 2017-03-10 - Unrestricted File Upload
CVSS 9.8
CVE-2018-18830 CRITICAL
Mingsoft Mcms - Unrestricted File Upload
CVSS 9.8
CVE-2018-18771 HIGH
Lulucms Lulu Cms < 2015-05-14 - Unrestricted File Upload
CVSS 7.5
CVE-2018-18752 CRITICAL
Webiness Inventory - Unrestricted File Upload
CVSS 9.8
CVE-2018-18475 CRITICAL
Zohocorp Manageengine Opmanager - Unrestricted File Upload
CVSS 9.8
CVE-2018-18382 HIGH
Coderpixel Advanced Hrm - Unrestricted File Upload
CVSS 8.8
Details
Vulnerabilities 4,021
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits