CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,139 vulnerabilities with CWE-434
CVE-2006-5845
Speedywiki 2.0 - Authenticated Unrestricted File Upload via upload Parameter
CVE-2006-4558
DeluxeBB < 1.06 - Remote Code Execution via Double Extension File Upload
CVE-2006-4471
Joomla! < 1.0.11 - Authenticated Unrestricted File Upload via Admin Upload Image
CVE-2006-2428
DUware DUbanner 3.1 - Unauthenticated Arbitrary File Upload via add.asp
CVE-2005-3288
Mailsite Express - Unauthenticated Arbitrary File Upload and Remote Code Execution via Compose Page Attachment
CVE-2005-1868
i-man < 0.9 - Remote Code Execution via PHP File Upload
CVE-2005-1881
YaPiG 0.92b, 0.93u, 0.94u - Unauthenticated Arbitrary File Upload via upload.php
CVE-2005-0254
LOW
BibORB 1.3.2 - Unrestricted Upload of File with Dangerous Type
CVSS 3.7
CVE-2004-2262
e107 < 0.617 - Remote Code Execution via ImageManager PHP File Upload
CVE-2002-1841
NOLA 1.1.1-1.1.2 - Unrestricted Upload of Dangerous File Types
CVE-2001-0901
Hypermail - Remote Code Execution via .shtml Attachment Upload
CVE-2001-1099
Norton AntiVirus for Microsoft Exchange 2000 2.x - Info Disclosure
CVE-2001-0340
Microsoft Exchange Server 2000 - Unrestricted Upload of File with Dangerous Type via OWA Message Attachment
CVE-1999-0036
HIGH
IRIX - Unrestricted File Upload via Login Program LOCKOUT Parameter
CVSS 8.4
Details
Vulnerabilities
4,139
Exploit Likelihood
Medium