CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,119 vulnerabilities with CWE-434
CVE-2024-52376
CRITICAL
cmsMinds Boat Rental Plugin <1.0.1 - RCE
CVSS 10.0
CVE-2024-52375
CRITICAL
Arttia Creative Datasets Manager <1.5 - RCE
CVSS 10.0
CVE-2024-52374
CRITICAL
Do That Task <= 1.5.5 - Arbitrary File Upload
CVSS 10.0
CVE-2024-52373
CRITICAL
Devexhub Gallery <= 2.0.1 - Unauthenticated Arbitrary File Upload
CVSS 10.0
CVE-2024-52372
CRITICAL
WebTechGlobal Easy CSV Importer <7.0.0 - Unrestricted File Upload
CVSS 10.0
CVE-2024-52302
HIGH
common-user-management - Profile Picture Upload Remote Code Execution
CVE-2024-11214
MEDIUM
Best Employee Management System 1.0 - Unrestricted File Upload via Profile Image Parameter
CVSS 4.7
CVE-2024-11211
MEDIUM
EyouCMS < 1.6.7 - Unrestricted File Upload in Website Logo Handler
CVSS 4.7
CVE-2024-10820
CRITICAL
WooCommerce Upload Files <= 84.3 - Unauthenticated Arbitrary File Upload via upload_files() Function
CVSS 9.8
CVE-2024-11138
LOW
DedeCMS 5.7.116 - Unrestricted File Upload via logoimg Parameter
CVSS 2.7
CVE-2024-11122
MEDIUM
Lingdang CRM < 8.6.4.3 - Unrestricted File Upload via /crm/wechatSession/index.php
CVSS 6.3
CVE-2024-11018
CRITICAL
Grand Vice Webopac 6-6.5.1 - Unauthenticated Arbitrary File Upload and Remote Code Execution
CVSS 9.8
CVE-2024-11017
HIGH
Vice Webopac 6-6.5.1 - Authenticated Unrestricted Upload of File with Dangerous Type
CVSS 8.8
CVE-2024-51793
CRITICAL
Webful Creations Computer Repair Shop <3.8115 - RCE
CVSS 10.0
CVE-2024-51792
CRITICAL
Dang Ngoc Binh Audio Record <1.0 - RCE
CVSS 10.0
CVE-2024-51791
CRITICAL
Made I.T. Forms <= 2.8.0 - Unauthenticated Arbitrary File Upload
CVSS 10.0
CVE-2024-51790
CRITICAL
Team HB WEBSOL HB AUDIO GALLERY <3.0 - RCE
CVSS 10.0
CVE-2024-51789
CRITICAL
UjW0L Image Classify <1.0.0 - Code Injection
CVSS 10.0
CVE-2024-51788
CRITICAL
The Novel Design Store Directory <4.3.0 - Unrestricted Upload of Fi...
CVSS 10.0
CVE-2024-11054
MEDIUM
Simple Music Cloud Community System 1.0 - Unauthenticated Unrestricted File Upload via pp Argument
CVSS 6.3
CVE-2024-10801
CRITICAL
WordPress User Extra Fields <16.5 - RCE
CVSS 9.8
CVE-2024-10547
CRITICAL
WP Membership < 1.6.2 - Unauthenticated Arbitrary File Upload via user_profile_image_upload()
CVSS 9.8
CVE-2024-10627
CRITICAL
WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Upload via ajax_manage_file_chunk_upload()
CVSS 9.8
CVE-2024-51152
HIGH
alexstack/laravel_cms < 1.4.7 - Remote Code Execution via Unrestricted File Upload
CVSS 7.2
CVE-2024-11000
MEDIUM
CodeAstro Real Estate Management System 1.0 - Unrestricted File Upload via About Us Page aimage Parameter
CVSS 4.7
Details
Vulnerabilities
4,119
Exploit Likelihood
Medium