CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,022 vulnerabilities with CWE-434
CVE-2015-1000000
CRITICAL
mailcwp <1.99 - RCE
CVSS 9.8
CVE-2015-4524
EMC Documentum Administrator - Unrestricted File Upload
CVE-2015-0702
Cisco Unified Meetingplace - Improper Input Validation
CVE-2014-125113
CRITICAL
Dell KACE K1000 <5.4.76849-5.5.90547 - File Upload
CVE-2014-125126
CRITICAL
Simple E-Document 3.0-3.1 - File Upload
CVE-2014-125119
HIGH
WinRAR - Info Disclosure
CVE-2014-125116
CRITICAL
HybridAuth <2.2.2 - RCE
CVE-2014-0468
CRITICAL
FusionForge <5.3+20140506 - RCE
CVSS 9.8
CVE-2014-125104
MEDIUM
Automattic Vaultpress < 1.6.1 - Unrestricted File Upload
CVSS 6.3
CVE-2014-8739
CRITICAL
jQuery File Upload Plugin <6.4.4 - RCE
CVSS 9.8
CVE-2014-2025
CRITICAL
Unspecified Third Party Tool <6.0 - RCE
CVSS 9.8
CVE-2014-3448
CRITICAL
BSS Continuity CMS Bss Continuty Cms - Unrestricted File Upload
CVSS 9.8
CVE-2014-8516
CRITICAL
Cloudfastpath Netcharts Server - Unrestricted File Upload
CVSS 9.8
CVE-2014-8337
CRITICAL
Helpdezk < 1.0.1 - Unrestricted File Upload
CVSS 9.8
CVE-2014-1214
HIGH
Projoom Smart Flash Header < 3.0.2 - Unrestricted File Upload
CVSS 8.8
CVE-2014-10074
CRITICAL
Umbraco Cms < 7.2.0 - Unrestricted File Upload
CVSS 9.8
CVE-2014-4912
CRITICAL
Frog CMS 0.9.5 - Code Injection
CVSS 9.8
CVE-2014-2592
CRITICAL
Aruba Web Mgmt - RCE
CVSS 9.8
CVE-2014-4972
CRITICAL
Gravity Upload Ajax <1.1 - RCE
CVSS 9.8
CVE-2014-2664
HIGH
X2Engine X2CRM <4.0 - RCE
CVSS 8.8
CVE-2014-9619
HIGH
Netsweeper <4.1.2 - RCE
CVSS 7.2
CVE-2014-9312
HIGH
Photo Gallery 1.2.5 - Info Disclosure
CVSS 8.8
CVE-2013-10067
CRITICAL
Glossword 1.8.8-1.8.12 - RCE
CVE-2013-10066
CRITICAL
Kordil EDMS v2.2.60rc3 - Unauthenticated RCE
CVE-2013-10054
CRITICAL
LibrettoCMS 1.1.7 - Unauthenticated RCE
Details
Vulnerabilities
4,022
Exploit Likelihood
Medium