CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-48093 (HIGH, CVSS 8.0): Operately <0.1.0 - RCE
CVE-2024-48202 (CRITICAL, CVSS 9.8): Thecosy Icecms < 3.4.7 - Unrestricted File Upload
CVE-2024-48646 (HIGH, CVSS 8.1): Sage Frp 1000 - Unrestricted File Upload
CVE-2024-50511 (CRITICAL, CVSS 9.9): WP donimedia carousel <1.0.1 - RCE
CVE-2024-50510 (CRITICAL, CVSS 10.0): Web and Print Design AR For Woocommerce <6.2 - RCE
CVE-2024-7985 (HIGH, CVSS 7.5): FileOrganizer <1.0.9 - RCE
CVE-2024-50473 (CRITICAL, CVSS 10.0): Ajar in5 Embed <3.1.3 - RCE
CVE-2024-50427 (CRITICAL, CVSS 9.9): SurveyJS: Drag & Drop WordPress Form Builder <= 1.9.136 - Unrestricted File Upload
CVE-2024-50420 (CRITICAL, CVSS 10.0): aDirectory <1.3 - RCE
CVE-2024-50494 (CRITICAL, CVSS 10.0): Amin Omer Sudan Payment Gateway for WooCommerce <1.2.2 - RCE
CVE-2024-50493 (CRITICAL, CVSS 10.0): masterhomepage <1.0.4 - RCE
CVE-2024-50484 (CRITICAL, CVSS 10.0): mahlamusa Multi Purpose Mail Form <1.0.2 - RCE
CVE-2024-50482 (CRITICAL, CVSS 10.0): Chetan Khandla Woocommerce Product Design <1.0.0 - Code Injection
CVE-2024-50480 (CRITICAL, CVSS 9.9): azexo Marketing Automation <1.27.80 - RCE
CVE-2024-50496 (CRITICAL, CVSS 10.0): Webandprint AR < 7.0 - Unrestricted File Upload
CVE-2024-50495 (CRITICAL, CVSS 10.0): Widgilabs Plugin Propagator < 0.1 - Unrestricted File Upload
CVE-2024-48594 (HIGH, CVSS 8.8): Fast5 Prison Management System - Unrestricted File Upload
CVE-2024-50623 (CRITICAL, KEV, CVSS 9.8): Cleo Harmony < 5.8.0.21 - Unrestricted File Upload
CVE-2024-10420 (MEDIUM, CVSS 6.3): Nurhodelta17 Attendance And Payroll System - Unrestricted File Upload
CVE-2024-10413 (MEDIUM, CVSS 6.3): Janobe Online Hotel Reservation System - Unrestricted File Upload
CVE-2024-10410 (MEDIUM, CVSS 6.3): Janobe Online Hotel Reservation System - Unrestricted File Upload
CVE-2024-9932 (CRITICAL, CVSS 9.8): Wux Blog Editor <3.0.0 - File Upload
CVE-2024-37847 (HIGH, CVSS 8.8): Radixiot Mango < 5.1.4 - Path Traversal
CVE-2024-45263 (HIGH, CVSS 8.8): GL-iNet <4.6.2 - Info Disclosure
CVE-2024-48454 (HIGH, CVSS 7.2): Oretnom23 Purchase Order Management System - Unrestricted File Upload