CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-49676 MEDIUM
Michael Bourne Custom Icons for Elementor <0.3.3 - RCE
CVSS 6.6
CVE-2024-49671 CRITICAL
Dogu Pekgoz AI Image Generator <1.1.8 - RCE
CVSS 9.9
CVE-2024-49669 CRITICAL
Alexander De Ridder INK Official <4.1.2 - RCE
CVSS 9.9
CVE-2024-49668 CRITICAL
Verbalize WP - RCE
CVSS 10.0
CVE-2024-49658 CRITICAL
Ecomerciar Woocommerce Custom Profile Picture <1.0 - RCE
CVSS 9.9
CVE-2024-49653 CRITICAL
James Eggers Portfolleo <1.2 - RCE
CVSS 9.9
CVE-2024-49652 CRITICAL
ReneeCussack 3D Work In Progress <1.0.3 - Unrestricted File Upload
CVSS 9.9
CVE-2024-10293 MEDIUM
ZZCMS 2023 - Unrestricted Upload
CVSS 6.3
CVE-2024-10292 MEDIUM
ZZCMS 2023 - Unrestricted Upload
CVSS 6.3
CVE-2024-46482 HIGH
Ladybird Web Solution Faveo-Helpdesk <2.0.3 - RCE
CVSS 8.2
CVE-2024-10201 HIGH
Administrative Management System - RCE
CVSS 8.8
CVE-2024-49610 CRITICAL
Jack Zhu - Unrestricted Upload of File with Dangerous Type
CVSS 10.0
CVE-2024-49607 CRITICAL
Redwan Hilali WP Dropbox Dropins - Unrestricted Upload
CVSS 10.0
CVE-2024-49331 CRITICAL
Myriadsolutionz Property Lot Manageme... - Unrestricted File Upload
CVSS 9.9
CVE-2024-49330 CRITICAL
Brx8r Nice Backgrounds < 1.0 - Unrestricted File Upload
CVSS 10.0
CVE-2024-49329 CRITICAL
Vivektamrakar WP Rest API Fns < 1.0.0 - Unrestricted File Upload
CVSS 10.0
CVE-2024-49327 CRITICAL
Asepbagjapriandana Woostagram Connect - Unrestricted File Upload
CVSS 10.0
CVE-2024-49326 CRITICAL
Vasiliskerasiotis Affiliator < 2.1.3 - Unrestricted File Upload
CVSS 10.0
CVE-2024-49324 CRITICAL
Sovratec Case Management < 1.0.0 - Unrestricted File Upload
CVSS 10.0
CVE-2024-49611 CRITICAL
Paxman Product Website Showcase - Unrestricted Upload
CVSS 10.0
CVE-2024-10161 MEDIUM
PHPGurukul Boat Booking System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-10120 HIGH
wfh45678 Radar <1.0.8 - Unrestricted Upload
CVSS 7.3
CVE-2024-49314 CRITICAL
JiangQie Free Mini Program <2.5.2 - Unrestricted File Upload
CVSS 10.0
CVE-2024-49291 CRITICAL
Gora Tech LLC Cooked Pro <1.8.0 - Uplaod of File with Dangerous Type
CVSS 10.0
CVE-2024-49398 HIGH
Product <Version - RCE
Details
Vulnerabilities 4,016
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits