CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-48180 CRITICAL
Classcms < 4.8 - Unrestricted File Upload
CVSS 9.8
CVE-2024-49260 CRITICAL
Limb WordPress Gallery Plugin - Code Injection
CVSS 9.9
CVE-2024-49242 CRITICAL
Shafiq Digital Lottery <3.0.5 - RCE
CVSS 10.0
CVE-2024-49216 CRITICAL
Joshua Clayton Feed Comments <0.2.1 - RCE
CVSS 10.0
CVE-2024-48035 CRITICAL
Takayuki Imanishi ACF Images Search And Insert <1.1.4 - RCE
CVSS 9.9
CVE-2024-48034 CRITICAL
Fliperrr Team Creates 3D Flipbook, PDF Flipbook <1.2 - RCE
CVSS 9.9
CVE-2024-48027 CRITICAL
xaraartech <1.0.2 - Unrestricted File Upload
CVSS 9.9
CVE-2024-47649 CRITICAL
Iconize <1.2.4 - URFDT
CVSS 9.1
CVE-2024-49257 CRITICAL
Azz Anonim Posting <0.9 - RCE
CVSS 10.0
CVE-2024-8918 HIGH
Filemanagerpro File Manager < 8.3.10 - Unrestricted File Upload
CVSS 7.4
CVE-2024-8746 HIGH
File Manager Pro <8.3.9 - Info Disclosure
CVSS 7.5
CVE-2024-48782 CRITICAL
DYCMS Open-Source <v2.0.9.41 - RCE
CVSS 9.8
CVE-2024-48781 CRITICAL
Wanxing Technology Yitu Project Management Kirin Edition <2.3.6 - RCE
CVSS 9.8
CVE-2024-9975 MEDIUM
SourceCodester Drag and Drop Image Upload 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-9985 CRITICAL
Enterprise Cloud Database - Code Injection
CVSS 10.0
CVE-2024-9981 HIGH
FormosaSoft - RCE
CVSS 8.8
CVE-2024-9904 MEDIUM
07flycms < 1.2.0 - Unrestricted File Upload
CVSS 4.7
CVE-2024-9903 MEDIUM
07flycms < 1.2.0 - Unrestricted File Upload
CVSS 4.7
CVE-2024-46088 CRITICAL
Zhejiang University Entersoft CRM <2024 - RCE
CVSS 9.8
CVE-2024-42640 CRITICAL
angular-base64-upload <v0.1.21 - RCE
CVSS 9.8
CVE-2024-9855 MEDIUM
07flycms - Unrestricted File Upload
CVSS 4.7
CVE-2024-9816 MEDIUM
Codezips Tourist Management System - Unrestricted File Upload
CVSS 4.7
CVE-2024-9815 MEDIUM
Codezips Tourist Management System - Unrestricted File Upload
CVSS 4.7
CVE-2024-9794 MEDIUM
Codezips Online Shopping Portal - Unrestricted File Upload
CVSS 6.3
CVE-2024-47423 HIGH
Adobe Framemaker <2020.6, 2022.4 - RCE
CVSS 7.8