CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,021 vulnerabilities with CWE-434
CVE-2018-12519 HIGH
ShopNx <2017-11-17 - RCE
CVSS 8.8
CVE-2018-11221 CRITICAL
Artica Pandora Fms < 7.23 - Unrestricted File Upload
CVSS 9.8
CVE-2018-12491 CRITICAL
PHPOK 4.9.032 - File Upload
CVSS 9.8
CVE-2018-12263 HIGH
portfolioCMS 1.0.5 - Code Injection
CVSS 8.8
CVE-2018-1453 HIGH
IBM Security Identity Manager Virtual Appliance 7.0 - File Upload
CVSS 8.8
CVE-2018-12051 CRITICAL
PHP Scripts Mall Schools Alert Mgmt - RCE
CVSS 9.8
CVE-2018-12045 CRITICAL
DedeCMS <V5.7SP2 - File Upload
CVSS 9.8
CVE-2018-3758 HIGH
Express-cart < 1.1.7 - Path Traversal
CVSS 8.8
CVE-2018-1265 HIGH
Cloudfoundry Cf-deployment < 1.37.0 - Unrestricted File Upload
CVSS 7.2
CVE-2018-11736 CRITICAL
Pluck < 4.7.7 - Unrestricted File Upload
CVSS 9.8
CVE-2018-11196 HIGH
Mahara < 17.04.8 - Unrestricted File Upload
CVSS 7.5
CVE-2018-11392 HIGH
Jigowatt Php Login & User Management - Unrestricted File Upload
CVSS 8.8
CVE-2018-11523 CRITICAL
Nuuo Nvrmini 2 Firmware < 3.6.5 - Unrestricted File Upload
CVSS 9.8
CVE-2018-11514 HIGH
Naukri Clone Script < 3.0.3 - Unrestricted File Upload
CVSS 8.8
CVE-2018-6411 CRITICAL
Machform - Unrestricted File Upload
CVSS 9.8
CVE-2018-11494 HIGH
Opencart < 3.0.2.0 - Path Traversal
CVSS 8.0
CVE-2018-10648 CRITICAL
Citrix XenMobile Server <10.8 - Unauthenticated File Upload
CVSS 9.8
CVE-2018-11322 HIGH
Joomla! < 3.8.8 - Unrestricted File Upload
CVSS 7.5
CVE-2018-11345 HIGH
Asustor As6202t Firmware < adm_3.1.0.rfq3 - Unrestricted File Upload
CVSS 8.8
CVE-2018-11340 HIGH
Asustor As6202t Firmware < adm_3.1.0.rfq3 - Unrestricted File Upload
CVSS 7.2
CVE-2018-11331 CRITICAL
Pluck < 4.7.6 - Unrestricted File Upload
CVSS 9.8
CVE-2018-4921 MEDIUM
Adobe Connect < 9.7 - Unrestricted File Upload
CVSS 6.1
CVE-2018-10760 HIGH
Projectpier < 0.8.8 - Unrestricted File Upload
CVSS 8.8
CVE-2018-7505 CRITICAL
Advantech Webaccess < 8.2_20170817 - Unrestricted File Upload
CVSS 9.8
CVE-2018-11098 HIGH
Frog Cms - Unrestricted File Upload
CVSS 7.2
Details
Vulnerabilities 4,021
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits